I recently upgraded our Cisco Secure AS to ver 3.2 but have encountered problems. I have users who authenticate to a checkpoint NG FP3 firewall, which passes the authentication to cisco secure (radius) and cisco secure authenticates against a Novell NDS DB. This all works with 3.0(1) but with 3.2 it fails with the message "External DB user invalid or bad password", even though i know the credentials passed are correct. I had to roll back to allow users to connect.
Has anyone got an any ideas on this or seen it before?
I remember reading somewhere that a user must preface their username with the domain backslash to get authenticated. Please see if this might be the cause of the problem. Another possibility is bug CSCdu63791 'T+ enable partially broken for external db users'.
Troubleshooting a failed ISE Upgrade Readiness Tool Assessment
About the Author
Richard Atkin is an Engineer at a Cisco Partner in the UK, specialising in ISE, WiFi & Prime... I'm also currently learning about APIs, Webhooks, AWS, (etc et...
Security Product and architecture introduction-NGFW portflio(8/6)