Re: ACS 5.1 and dial in via internal user database

StevieOliver_2 · ‎08-04-2010

Hi

I am trying to authenticate dial in users on ACS 5.1

I see from the feature comparison that ACS 5.1 Windows dial in Support is not supported. Does this mean that dial in support is not supported via Windows authentication, i.e AD authentication ? Or does it mean that dial in support via a Windows client is not supported ?

Would you expect a dial in user to be able to authenticate to the Internal user database ?

I have created a user in the Internal database and cannot get an authentication to work via dial-in. The reports see the user coming in but only say the result was an error. There are no specific error details.

Thanks, Stephen.

StevieOliver_2 · ‎08-05-2010

Latest update on this is I have set up a couple of routers in a lab with a ppp circuit between them doing pap authentication via the ACS. This is the nearest I can get to creating a dial in test.

Using Tacacs all I get is that Authentication ended with error. No details. This is the same error as the actual dial in on the customer site. No details on what the error actually is. tacacs debugs on the router don't help either. They give the error statement too.

However, when I change authentication to Radius it works a treat.

Is there something I am missing about the Tacacs authentication. In the Default Device admin Access policy pap/ascii is ticked as are all the other potential protocols even though the authentication reports as a pap session.

Any ideas would be welcome.

Thanks, Stephen.

StevieOliver_2 · ‎08-06-2010

Bug.

Upgraded to patch 3 and all worked ok.

Stephen.