Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
12040
Views
20
Helpful
5
Replies

[Cisco ACS] 11036 The Message-Authenticator RADIUS attribute is invalid

Go to solution
Patrick Tran
Beginner
Beginner

‎09-07-2012 06:51 AM - edited ‎03-10-2019 07:30 PM

Hi,

I got many Cisco AP which are linked to 2 Cisco WLC.

On each WLC, I configured a primary and a secondary RADIUS Server.

RADIUS servers are Cisco ACS 5.2.0.26 (patch 10)

Primary and secondary ACS configurations are synchronized.

There are no problem between primary WLC and Cisco ACS (primary and secondary).

When secondary WLC requests primary Cisco ACS, I get this error "11036 The Message-Authenticator RADIUS attribute is invalid"

Secondary WLC automatically contacts secondary Cisco ACS and it works fine.

Cisco ACS description for this error: "This maybe because of mismatched Shared Secrets."

The two Cisco ACS are synchronized so I should have same error on them...

Why does primary ACS generate this error?

Thanks for your help,

Patrick

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Amjad Abdullah
VIP Alumni
VIP Alumni