
ACS 5.8 - Identity Store, LDAP and Internal User

Beaver928
Level 1

I set up an ACS 5.8 in which the Identity Store's first authentication is LDAP and the next is Internal User. In order to test whether the Internal User will kick in, we blocked LDAP at the firewall. In the log, there's an error for the LDAP server, and the Internal User matches the policy. When I SSH to the router, I key in the username, then it asks for a password, suddenly hangs for a few seconds, and asks for the password again. As I said, the Internal User matches the policy. No errors in the logs. What is the problem here? Why is it accepting the password when it said in the log that it matched the policy?

2 Replies

Jatin Katyal
Cisco Employee

Do you eventually get through with the authentication, or does it keep asking for the password? In the screenshot it says you matched the default rule. Run tcpdump, use the T+ shared secret key to decrypt the traffic, and look at the T+ response. If you want, you can attach the capture here and send me the key in private.

~ Jatin


How can I send you the tcpdump and the logs? It's confidential; I don't want to post it here.
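
The troubleshooting step suggested in the first reply (decode the T+ traffic with the shared secret and read the server's response) can be done locally without sharing the capture. This is an added example, not code from the thread or from Cisco; it follows the RFC 8907 packet layout, and the function names, the session id and the sample secret are constructed for illustration.

```python
import hashlib
import struct

AUTHEN_STATUS = {0x01: "PASS", 0x02: "FAIL", 0x03: "GETDATA", 0x04: "GETUSER",
                 0x05: "GETPASS", 0x06: "RESTART", 0x07: "ERROR", 0x21: "FOLLOW"}
TAC_PLUS_AUTHEN = 0x01        # packet type: authentication
UNENCRYPTED_FLAG = 0x01       # header flag: body sent in the clear


def xor_body(header: bytes, body: bytes, key: bytes) -> bytes:
    """RFC 8907 obfuscation: XOR the body with chained MD5 blocks (symmetric)."""
    if header[3] & UNENCRYPTED_FLAG:
        return body
    # Seed is session_id + key + version byte + seq_no byte, then previous digest.
    seed = header[4:8] + key + header[0:1] + header[2:3]
    pad, prev = b"", b""
    while len(pad) < len(body):
        prev = hashlib.md5(seed + prev).digest()
        pad += prev
    return bytes(b ^ p for b, p in zip(body, pad))


def parse_authen_reply(packet: bytes, key: bytes) -> dict:
    """Decode one TACACS+ authentication REPLY taken from a capture."""
    if len(packet) < 12:
        raise ValueError("short TACACS+ header")
    header, (length,) = packet[:12], struct.unpack("!I", packet[8:12])
    body = packet[12:12 + length]
    if len(body) != length or length < 6:
        raise ValueError("truncated body")
    if header[1] != TAC_PLUS_AUTHEN or header[2] % 2:
        raise ValueError("not a server authentication REPLY (even seq_no)")
    clear = xor_body(header, body, key)
    status, _flags, msg_len, data_len = struct.unpack("!BBHH", clear[:6])
    # With the wrong shared secret the decoded lengths are garbage.
    if 6 + msg_len + data_len != length:
        raise ValueError("length mismatch: wrong shared secret or corrupt capture")
    return {"seq_no": header[2],
            "status": AUTHEN_STATUS.get(status, hex(status)),
            "server_msg": clear[6:6 + msg_len].decode("ascii", "replace")}


def build_sample_reply(key: bytes, status: int, msg: bytes, seq_no: int = 2) -> bytes:
    """Constructed sample packet so the example runs offline (not a real capture)."""
    body = struct.pack("!BBHH", status, 0, len(msg), 0) + msg
    header = struct.pack("!BBBB4sI", 0xC0, TAC_PLUS_AUTHEN, seq_no, 0,
                         b"\x12\x34\x56\x78", len(body))
    return header + xor_body(header, body, key)
```

A length mismatch on every reply in a capture points to a shared secret that differs between the router and ACS; a clean decode shows whether the server answered PASS, FAIL or another GETPASS at each step.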