Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1066
Views
0
Helpful
4
Replies

ACS 5.2 Logs are not showing the MAC address

pchace
Level 1
Level 1

‎05-11-2012 06:18 AM - edited ‎03-10-2019 07:05 PM

We recently had to rebuild our ACS server.  Now when we have an 802.1x authentication failure and look at the RADIUS logs for the specific user, it does not show us the MAC address of the device the user tried to login with.  We use this all the time because users have PDAs and other mobile devices that they save their passwords on.  Then when they change their domain password on their laptop, they don't change it on their PDA which then tries to authenticate them using the wrong password and eventually locks them out.  We need to see the MAC address so we can pinpoint which device is causing the lockout.  The report I am generating is when you go to this location:

Monitoring & Reports > ... > Reports > Catalog > User > User_Authentication_Summary
Labels:
0 Helpful
4 Replies 4

Alex Pfeil
Level 7
Level 7

‎05-11-2012 03:22 PM

I would just do a radius authentication summary log

Thanks Alex

Sent from Cisco Technical Support iPhone App

0 Helpful

pchace
Level 1
Level 1
In response to Alex Pfeil

‎05-11-2012 07:01 PM

The MAC Address is not listed there either.  It seems that any log I try to view, the MAC is not there.

0 Helpful

pchace
Level 1
Level 1

‎05-18-2012 06:57 AM

So far it seems like it is an unconfrimed bug with Patch 9.  We installed patch 10 and it seemed to fix the problem.

0 Helpful

Jatin Katyal
Cisco Employee
Cisco Employee
In response to pchace

‎05-18-2012 07:47 PM

There is a common defect filed for missing info in patch 9

CSCtx39704    Information missing in Tacacs Accounting logs

Regards,

Jatin

~Jatin
0 Helpful
Customers Also Viewed These Support Documents