08-20-2012 06:21 AM - edited 03-10-2019 07:26 PM
I have recently enabled the SMTP alert function in ACS 5.3. It seems to work well for most of the alerts. One thing though, the active sessions are over limit warning that comes up every so often. I know it is not impacting operations and it is ACS's way of clearing out sessions that had no accounting stop, but how do I disable this alert from being sent by e-mail from ACS 5.3??? I do not see it anywhere.
08-20-2012 08:59 AM
Adam,
Here is the explanation of the alarm and what you can do to resolve this issue:
http://www.cisco.com/en/US/products/ps9911/products_tech_note09186a0080bb8100.shtml#delete2k
Thanks,
Tarik Admani
*Please rate helpful posts*
08-20-2012 09:52 AM
Hi, Thanks for the response. Unfortunately it does not solve my issue. Following the directions causes all logging to stop in the real time logs. There is no username coming through for these phantom authentication requests that I can create a filter or access request for. Is it possible to get more details???
The issue is that there is noting in the realtime logs for this on on the General tab that an alert has been triggered and therefore and e-mail for the alert. I was looking to see how I can disable the alert itself. there does not appear to be any dummy account these authenticatons are using to trigger this alarm in the logs I can see.
08-20-2012 02:14 PM
Adam,
Can you check your network access devices to see if radius accounting is configured? It seems that the without radius accounting configured ACS doesnt know when to end the radius sessions which leads to this issue.
thanks,
Tarik Admani
*Please rate helpful posts*
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide