ACS 5.4 works for 1 hour then authentication fails

jocantu · ‎01-27-2013

Has anyone ever run into this issue.

A deployment of two ACS devices where placed in the network. One being primary and the other being secondary. All network devices are directed to the secondary ACS. Everything works fine per replication and status both look healthy. After 1 hour of being up the network devices do not authenticate anymore. The only thing that pops up is the password statement. Normal behavior is a prompt with username followed by the password. During this time, all processes where running on both devices and both showed healthy. In addition, switches logs where checked to see if any type of port flapping was occurring and none where found. We also ran a continuous ping during this outage and the ACS kept responding.

Amjad Abdullah · ‎01-27-2013

You need to check ACS authentication logs and see why the devices are not getting authenticated successfully.

What are the clients that authenticate? are they wired or wireless? what eap method is used?

after the problem happen how do you resolve it? reload ACS?

What happen if you provide the correct password when the prompt appear? It works fine?

If providnig the correct password to the prompt make it work again then there is possibly some kind of sessoin timeout configured for the 1 hour period that when client connect the session will time out within one hour and users will get disconnected and they have to connect back again.

HTH

Amjad

Rating useful replies is more useful than saying "Thank you"

shailesh.pawar · ‎02-11-2013

Hi Jocantu,

Can u please give me logs generated from ACS 5.4

Thanks in advance