06-17-2008 01:44 AM - edited 02-21-2020 10:21 AM
Hallo.
I'm trying to integrate this versions of CSM and ACS. CSM is installed on HW as required. ACS is virtual machine on the VMware server.
When I try to switch AAA mode on CSM to acs/tacacs+ I get "AAA Client Not Configured" message, although CSM and every one managed devices are configured in ACS as AAA client devices (as requested in integration guide). In log files I've found only this message (in C:\Program Files\CSCOpx\MDC\tomcat\logs\stdout.log):
error while getting devicegroupname
java.io.IOException: Server returned HTTP response code: 500 for URL: http://<ACS_IP_ADDRESS>:2002/acsAutomate.exe?action=networkDeviceGroup_listGroup
... (lots of java dump ...)
I'm not sure what can be the problem in this case.
Thanks for any help...
06-23-2008 12:52 PM
First, make sure all TCP ports are open for administration on the ACS server. Then, if this is the ACS appliance, make sure you are NOT using the appliance administrator as the ACS administrator user in LMS. If you are, create a new administrative user in ACS, and grant that user all privileges. Then use that username to do the integration. Finally, try temporarily
switching from HTTPS to HTTP for the initial integration.
Refer "Security Manager Integration With ACS" present in the url below:
http://www.cisco.com/en/US/products/ps6498/products_configuration_example09186a00808eada8.shtml#tro
06-27-2008 05:07 AM
First, this is not an appliance, this is win2k3 server, with ACS install. admin account for CSM was chosen separately from ACS admin. ACS is using only HTTP .
Second, I have followed that guide throughout whole integration.
Additionally, we have hardened underlying OS of ACS server for security. hardening included:
Audit policy,Password policy, Log settings,
Registry settings - TCPIP, LANMAN, SA,
Priviledge Rights, File security for files in %systemRoot%\System32\ and Disabling some unused services.
Maybe some of these security changes made it impossible to integrate ACS and CSM.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide