Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2389
Views
0
Helpful
1
Replies

Cisco Secure ACS 2.6 Returns too many RADIUS attributes

darren.foo
Level 1
Level 1

‎11-13-2001 11:49 AM - edited ‎02-21-2020 09:58 AM

Hi all,

I'm trying to authenticate my Firewall-1 VPN users to Cisco Secure ACS 2.6. FW-1 ignores packets that have unnecessary attributes returned. I've turned off all attributes in the Interface Configuration screen but a snoop shows that the ACS box is still sending several attributes.

Labels:
0 Helpful
1 Reply 1

wdrootz
Level 4
Level 4

‎11-20-2001 02:07 PM

It is hard to say what CSNT is sending back in the way of attributes without debug (http://www.cisco.com/warp/public/480/9.html) or a sniffer trace. I think RFC 2138 addresses what is sent. If the FW1 ignores packets that have unnecessary attributes, I don't know why there is a need to turn off attributes.

0 Helpful
Customers Also Viewed These Support Documents