
ACS and NAT Advice Required

dansmith827
Level 1

Hi,

I have in the last 6 months migrated all of our network appliances and VPN users from our old Windows ACS V4 to a V5.4 appliance which is behind a firewall on our management LAN. I have now stopped the old ACS, but to ensure we did not get locked out of any network devices that were missed during the migration, I came up with the following plan.

1. Put a static route on our network to point requests to the old ACS server to the outside interface of the management firewall.

2. Apply a NAT to these requests to translate them to the IP address of the new management firewall.

3. Apply an access rule to allow tacacs requests on TCP/49 through the firewall.

This did not work as planned. After tracing traffic through the network, the access rules were being hit and traffic was passing through the firewall; however, ACS service requests were being denied. Has anyone any thoughts as to why this would occur? Any ideas would be appreciated.

Regards,

Dan.

1 Reply

Amjad Abdullah
VIP Alumni

Hi Dan,

What do you see on the ACS failure logs? What is the failure reason? What IP appears as the source of the request?

Rating useful replies is more useful than saying "Thank you"
