This issue occurs due to the wrong IP address on the Cisco Secure ACS solution engine.
At times, even though the correct IP address is configured during initial configuration, once the ACS SE is configured, the entry for the correct IP address disappears, which is not normal. Then you see an entry with the Appliance name with an IP address 127.0.0.1.
If you only have one ACS SE and set this ACS SE for authentication, then everything works fine, but if you get replication to go to another ACS SE, then it does not work. But sometimes it works for the first time in many cases.
Also, you cannot modify anything for the 127.0.0.1, and it always gives you the shared secret key mismatch error.
The resolution for this issue is to re-image the ACS SE and ensure that it does not get an IP address 127.0.0.1.
Refer to these documents in order to accomplish this task:
Upon boot the LED indicator for WiFi on this ASA-5506W cycles through blinking green to blinking red. The documentation says it means "Ethernet link not operational". Since this is a hardware addon, I assume ethernet link is hard wired inside. To make sur...
I'm messing around in lab and trying to get the FTDv to do jumbo frames. According to the documentation its pretty simple but I've not had any luck. I set the MTU on the Interface to 9000 and FMC said it was enabling jumbo frames and to reboot...
Hi All, Can some advise on the design strategy for large scale deployment. We are trying to deploy a 28-30 node deployment with individual nodes in DC and DR and some dedicated local PSNs as VM in critical sites so that local user authenti...
Hello,I have a question regarding HA setup within a LAN, in a scenario where there are 2 main buildings. I'm curious as to how this would be best achieved through either configuration or from a design standpoint. I have attached an image showing the setup...
Hi,Good day I was trying to set-up Cisco ESA C390 in one our data center but I'm having issues establishing connections to external and public mail servers. Below is the error when I tested SMTP ping via CLI: Starting SMTP test of host alt1.gmai...