cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1594
Views
0
Helpful
3
Replies

Troubleshooting/packet capture on ACS 5.5

sahrgohar
Level 1
Level 1

In troubleshooting AAA authentication issues between  ACS 5.5 and Juniper Netscreen firewall, please advise how to do a 'snoop' or packet capture on the ACS server side for a specific network device address?

ACS logs output a successful authentication, however Juniper logs show rejected via TACACS server.

3 Replies 3

Aaron O'Hare
Level 1
Level 1

As far as I know there is no way to do a packet capture on ACS 5.x. Are you using TACACS+ or Radius for the authentication?

-AO
Please rate useful posts and mark answers as "correct" if applicable.

TACACS+ 1121 appliances.

Take a look at http://kb.juniper.net/InfoCenter/index?page=content&id=KB10191 (you will need a Juniper login)

I don't know the Juniper side well enough to help you on that side but I'd suspect its an issue on the JunOS side as ACS is indicating a successful message.

-AO
Please rate useful posts and mark answers as "correct" if applicable.