Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1882
Views
0
Helpful
1
Replies

NAC 4.7.1 CAS CAM Login issues

kysersosai
Level 1
Level 1

‎02-03-2010 04:05 PM - edited ‎02-21-2020 03:52 AM

Hello,

I upgraded from 4.5.1 to 4.7.1. I am having trouble with the communication between the CAS and the CAM

Here is an outline of the issue

1.       After Authentication, DHCP, ACS ok, WALL !!!

2.       Nac Online Users = 0

3.       Ping the CAM HA service ip
          Client = NO
          CAS = Yes

4.       Things are broken at the moment where the Agent/Web Broswer has to communicate with the Nac Manager… it just times out.

5.       Attached are pics of where it hits the 1. wall and the 2. error that pops up.

Notes

Cam Service IP Web UI > Cas Service IP is connected

Certs from the Cam imported into TCA on Cas and vice versa @ ver 4.5.1 then upgraded

DNS working

Login & remediation was working with ver 4.5.1

Any help would be greatly appreciated

Thank you Kindly

Preview file
26 KB
Preview file
32 KB
0 Helpful
1 Reply 1

kysersosai
Level 1
Level 1

‎02-04-2010 11:31 AM

Desperately I decided to check everything et voila FIREWALL. With 4.7.1 the CAS needs access to the DNS server. I’m not sure exactly why. It was a fast one liner in the firewall among all the logging but it was the CAS being denied access to the DNS? Added the rule BANG all is good.

The problem was the login works (inconsistently) for a few moments right after I upgraded or changing the cert… this really was misleading. Just got hung up on the cert being the problem.

If anyone can tell me why the CAS need to talk to the DNS server i'd appreciate it

Cheers

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card