We had issue with Cisco NAC Server & Manager Certificates, it was expired, have imported new certificates from CA (Which is one od AD Server)
now CAM & CAS are in HA and connected. the SSO Service on CAS is started.
The Problem is users cannot login to SSO, it can login to Domain but SSO is not working, NAC Agent popus asking for username and password. CAM local username and password works fine. but not SSO.
have verified everything which was in troubleshooting guide.
Anyone can help please?
1) Confirm whether users are logged in using their domain account and not using the local account.
2) Confirm if CAS is listening on port 8910. You can take a sniffer trace on the client pc which can help you.
3) Synchronize the time in the CAS/Agent with the AD.
If the issue persists, I would suggest you to collect the agent logs, cas logs and wireshark capture (from the user machine while it tries to authenticate) and create a case with Cisco TAC.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: