Hello Bobby as we spoke in privately API for SNTC are in beta version and not a presently supported feature. It is available however and you can find more information at :
It does required an API specific role on your SNTC portal instance. We may close this forum for now and continue work on your SMART ASSIST case instance as an exception. Please continue to update in there.
... View more
Hi, With regards to the reboot/reload I would imagine that Cisco TAC is the only place where you could get information on why it is doing that. If you have access to ASA softaware through cisco.com I would suggest changing to a different software level and see if it helps. You can naturally also browse online either in the Release Notes or the Bug Toolkit to see if there a bug that could explain this behaviour. You mention that the L2L VPN never really comes up. That the Phase 2 doesnt go through? Maybe you could share the configurations at both end so we can have a look at what the problem with the Phase2 is and if we get it working we could see if the reboot/reload still happens. I personally manage only one ASA unit that is on the same software version as your ASA and that is running L2L VPN connections. I have not seen any such problems with this ASA. - Jouni
... View more
Hello Bobby, I am sorry but I can't send you the whole config because it is a configuration of my company and the necessary part is this one: aaa new-model ! ! aaa group server tacacs+ tac_admin server name acs1 ! aaa authentication login default group tac_admin local aaa authorization exec default group tac_admin local ! tacacs server acs1 address ipv4 192.168.246.69 key 7 ############# Despite this thanks for your help .
... View more
Well, I finally had some time to focus on this issue today and was able to resolve this issue (tenative). 1st - My initial problem was the user account created for managing these devices were matching on other rules predefined in my ACS. 2nd - Once that issue was resolved I still received the same error , except I was matching on all approprate polices using Custom attributes: role1 - Mandatory - ALL I performed a debug aaa tacacs enable from the WLC CLI and received the following messages: *tplusTransportThread: Nov 23 18:36:01.357: processTplusAuthResponse: Continue auth transaction *tplusTransportThread: Nov 23 18:36:01.370: tplus response: type=1 seq_no=4 session_id=f009b840 length=6 encrypted=0 *tplusTransportThread: Nov 23 18:36:01.371: tplus_make_author_request() from tplus_authen_passed returns rc= *tplusTransportThread: Nov 23 18:36:01.371: Forwarding request to xxx.xxx.xxx.xxx port=49 *tplusTransportThread: Nov 23 18:36:01.391: author response body: status=1 arg_cnt=0 msg_len=0 data_len=0 *tplusTransportThread: Nov 23 18:36:01.391: User has the following mgmtRole 0 mgmtRole 0 did not appear to be a valid option so I starting adding in other roles in place "ALL" i.e MANAGEMENT,WIRELESS,COMMANDS, etc.. Will all roles defined in ACS with the exception of LOBBY, I am now able to login and admistrate the WLC and debugs return the following: *tplusTransportThread: Nov 23 19:14:48.312: Forwarding request to xxx.xxx.xxx.xxx port=49 *tplusTransportThread: Nov 23 19:14:48.330: author response body: status=1 arg_cnt=6 msg_len=0 data_len=0 *tplusTransportThread: Nov 23 19:14:48.330: arg = [role1=MANAGEMENT] *tplusTransportThread: Nov 23 19:14:48.330: arg = [role2=WIRELESS ] *tplusTransportThread: Nov 23 19:14:48.330: arg = [role3=WLAN] *tplusTransportThread: Nov 23 19:14:48.330: arg = [role4=CONTROLLER] *tplusTransportThread: Nov 23 19:14:48.330: arg = [role5=SECURITY] *tplusTransportThread: Nov 23 19:14:48.330: arg = [role6=COMMANDS] I've performed all the admistrative tasks I've done since I've been in control of these devices and have had not issue. I think I'll open up a TAC case when I return from the holiday weekend and see if the role "ALL" is still being used in the versions of ACS and WLC that I am running or if there is something else causing me not to be able to use that role as it's been previously documented. A big thanks to those who replied to this discussion !!
... View more