This issue occurs due to the wrong IP address on the Cisco Secure ACS solution engine.
At times, even though the correct IP address is configured during initial configuration, once the ACS SE is configured, the entry for the correct IP address disappears, which is not normal. Then you see an entry with the Appliance name with an IP address 127.0.0.1.
If you only have one ACS SE and set this ACS SE for authentication, then everything works fine, but if you get replication to go to another ACS SE, then it does not work. But sometimes it works for the first time in many cases.
Also, you cannot modify anything for the 127.0.0.1, and it always gives you the shared secret key mismatch error.
The resolution for this issue is to re-image the ACS SE and ensure that it does not get an IP address 127.0.0.1.
Refer to these documents in order to accomplish this task:
Is there a best practice around handling Cisco FlexConnect APs and their switchport configuration when doing profiling? Flex APs require commands relating to trunking and native VLAN etc. - which is different to the usual port template ...
Hello, Is there any keepalive mechanism between the switch and ISE. I need to know if there is a way which can enable the switch to know if ISE server is online and available at any particular time.The idea is that lets suppose we try to authenticate...
Hello Experts, I want to utilize existing hardware for Stealthwatch Enterprise deployment. We have UCS 5108 with B200 M5 Servers. I am following below link for the Virtual Server sizing: https://www.cisco.com/c/dam/en/us/td/docs/security/stealth...
i have been asked to list a switch under radius control , some switches are already added under it but im supposed to add any switches that arent , can i simply add the same command to other switches? also the key is made of numbers do i just paste the ke...