cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
804
Views
0
Helpful
1
Replies

Kerberos and LDAP issues after upgrade to ASA 8.4(4)

BEHowardGRDA
Level 1
Level 1

I am having difficulty with AAA setup on my recently upgraded ASA 5520.  I upgraded from 8.3(1) to 8.4(4) and my AAA no longer works.  If I use Kerberos I receive time skew errors (works fine on my remaining 8.3(1) ASAs) and when I setup LDAP I get "server has been removed" errors (again, works fine on other 8.3(1) ASAs).  Is this a by product of the upgrade or a flaw in 8.4(4)?

1 Reply 1

Erick Delgado
Level 1
Level 1

Hello,

In regards of the kerberos issue looks like the ASA and the AD server don't have the same time. Please make sure that the time is configure correctly.

For the LDAP issue please send me a debug ldap 255 output.

A 3rd option will be to enable IAS or NPS on your windows server and use radius.

Regards,