In this issue, after you upgrade Cisco Secure ACS, multiple Authentication, Authorization, Accounting (AAA) server entries for same IP address but different name appear under Network Configuration. This issue causes replication to fail. ACS does not allow to delete the entry or reset the keys.
Complete these steps in order to resolve this issue:
In order to keep and delete the entry, choose Network Configuration > Proxy Distribution Table > (Default) and make sure that you have the [FQDN-name-of-server] entry in the Forward To column. All other entries should be in AAA Server.
Return to the Network Configuration section, and click the [name-of-server] entry. Change the IP address of the [name-of-server] entry and then choose Submit + Apply. For both entries [name-of-server] and [FQDN-name-of-server], only these three options appear:
Submit + Apply
Now restart the CSAdmin service. Note that it cannot be restarted from System Configuration > Service Control > Restart. You must open Services.msc on the Microsoft Windows server where ACS is installed, and then restart the CSAdmin service.
Once CSAdmin service is backed up, log into the ACS GUI page.
Check the [name-of-server] entry in the Network Configuration section, The options to Delete and Delete + Apply now appears this time.
Choose Delete + Apply.
Complete these steps on the Primary and Secondary ACS server.
Has anyone else noticed a dramatic decrease in speed when connecting with the new AnyConnect client? Ran a speed test from the same machine to the same destination, 1 was over APN (AnyConnect) and the 2nd. directly out. A difference in speed is to be expe...
Hi,In my office we have implemented an FTD v. 18.104.22.168 (ASA 5506X), we want to manage it in a remote branch with FMC.DiagramI have read the cisco documentation:https://www.cisco.com/c/en/us/td/docs/security/firepower/quick_start/fmc_remote_branch/deploy-t...
Hello, guys.Does anyone know should the ISE Posture module trigger non-compliant state if:- connect via VPN with the ISE Posture module- there are no last Windows updates installed- the posture requirement has a condition: pr_WSUSRule- the posture require...
Hello guys, We have ASA-5555-X with sourcepower which is mnaged by FMC. If we create ACL in fmc and deploy, won't it be shown in ASA Cli? But, we can not see there. Also have applied the 'sfr_direct permit ip any any' statement to redirect traffic. I...