Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1460
Views
0
Helpful
2
Replies

Downloadable ACL

alex goshtaei
Level 1
Level 1

‎01-25-2011 12:25 PM - edited ‎03-10-2019 05:45 PM

Hi All,

I am using ACS 4.2 with ASA 7.0. I am testing downloadable access list for remote VPN users. I've create "permit ip any any" just for testing in ACS, and setup NAF, DACL, assign DACL to the user. but when try to login from VPN client, i got this error message in ASA and login failed:

rad_procpkt: ACCEPT
RADIUS_ACCESS_ACCEPT: normal termination
Processing ACL: access-list permit ip any any
ACE error, deleting ACL: #ACSACL#-IP-dACL-4d3f1ebc
RADIUS_DELETE
remove_req 0x29f79044 session 0x6f5 id 250
free_rip 0x29f79044
radius: send queue empty

any suggestion would be very appreciated.

Thanks

Alex

Labels:
0 Helpful
2 Replies 2

andamani
Cisco Employee
Cisco Employee

‎02-04-2011 06:07 AM

Hi,

Could you paste the whole debugs you receive on the ASA.

Please do the following:

debug aaa authentication

debug radius 255

test aaa authentication host

Paste the output.

Also please attach the failed attempt reason from the ACS.

Regards,

Anisha

0 Helpful
Customers Also Viewed These Support Documents