cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements
Announcements
Choose one of the topics below to view our ISE Resources to help you on your journey with ISE

This community is for technical, feature, configuration and deployment questions.
For production deployment issues, please contact the TAC! We will not comment or assist with your TAC case in these forums.
Please see How to Ask the Community for Help for other best practices.

1013
Views
0
Helpful
4
Replies
Highlighted
Beginner

ACS 4.2 Authorisation failed by a user that doesn't exist

Hi,

I am getting Authorisation requests failed log entries for a user however there aren't any successful authentication logs.

The user would never be able to authenticate as it no longer exists in ACS (it was the user for someone who left the company 3-4 month ago)

The other wierd thing is that the caller-id is 0.0.0.0

BTW the NAS is a Cisco ASA firewall running 8.0(3)

Thanks for the help

Everyone's tags (3)
4 REPLIES 4
Highlighted
Rising star

ACS 4.2 Authorisation failed by a user that doesn't exist

So what's weird about what u've said?

Highlighted

ACS 4.2 Authorisation failed by a user that doesn't exist

This usually happens if the user is still exist but has no privilege to the network (user is disabled or enabled but with no authorization to the specified device).

Make sure that the user is deleted. If you are talking about an AD user, then make sure to also delete the corresponding dynamic user in the ACS server.

HTH

Amjad

Rating useful replies is more useful than saying "Thank you"
Highlighted
Beginner

ACS 4.2 Authorisation failed by a user that doesn't exist

The weird thing is that the caller-id is 0.0.0.0 while afaik it should be the ip address of the client machine.

Highlighted
Beginner

ACS 4.2 Authorisation failed by a user that doesn't exist

Hi Amjad,

I am completly sure the user doesn't exist in the acs database and we don't have AD integration.

Cheers,

Nuno