Buy or Renew
Buy or Renew
Cisco Virtual Engineer generative AI bot now active in Wireless Discussion Forum. Learn more.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results forĀ 
Search instead forĀ 
Did you mean:Ā 
cancel
Start a conversation
1097
Views
0
Helpful
3
Replies

Cisco ACS 4.2 huge logs are getting logged

jayms1992
Level 1
Level 1

ā€Ž08-15-2012 08:09 PM - edited ā€Ž07-03-2021 10:32 PM

Hi All,

We are using a cisco ACS 4.2 in our network for wireless and VPN client authenticantion.

Recently we are getting huge logs from ACS continously to RA server  when the users are gets Authenticate . below is the error which Message which we have  got from the ACS server .

08/13/2012,19:34:32,Authen   failed,asthagi,Default Group,00-26-ff-79-b5-5c,External DB user invalid or   bad password,,,29,10.101.254.27,
08/13/2012,19:35:53,Authen   failed,asthagi,Default Group,00-26-ff-79-b5-5c,External DB user invalid or   bad password,,,29,10.101.254.27,
08/13/2012,19:37:14,Authen   failed,asthagi,Default Group,00-26-ff-79-b5-5c,External DB user invalid or   bad password,,,29,10.101.254.27,
08/13/2012,19:38:35,Authen   failed,asthagi,Default Group,00-26-ff-79-b5-5c,External DB account locked   out,,,29,10.101.254.27,
08/13/2012,19:41:36,Authen   failed,asthagi,Default Group,00-26-ff-79-b5-5c,External DB user invalid or   bad password,,,29,10.101.254.27,

Due to this if the client's accounts will locked out if they tried more than 3 times.

1. All the clients are getting authenticated via the default group.

2. Only few users are facing the issue not all the users.

3. ACS version is 4.2 and RA version is 4.2.0

Kindly we request you to help on this to solve the same also avoid getting the huge logs in the RA server.

Regards,

Jayaraman M.S

Labels:
0 Helpful
3 Replies 3

Amjad Abdullah
VIP Alumni
VIP Alumni

ā€Ž08-16-2012 03:34 AM

Jaya: isRA used for logging only or used for authentication?

Logs are straightforward, the password provided for the username is not correct.

It seems the users updated their password on the AD but forgot to change the password on their vpn configuration.

Let them update the vpn configuration with the correct password things should be fine.

HTH

Amjad

Sent from Cisco Technical Support iPad App

Rating useful replies is more useful than saying "Thank you"
0 Helpful

jayms1992
Level 1
Level 1
In response to Amjad Abdullah

ā€Ž08-21-2012 09:32 PM

Thanks a lot Amjad,

We have checked the same and it seems to be the paswords updated in all the neccessary places , so, We had a reload once after we stoped all the services . post reload we are not observing the same issue . But not sure how it is working fine now ,

Can you please help us to understand what could be the root cause in this case ? .

Regards,

Jayaraman M.S

0 Helpful

Amjad Abdullah
VIP Alumni
VIP Alumni
In response to jayms1992

ā€Ž08-26-2012 11:15 PM

Jaya:
good that it is now working.

I can't guess the root cause but you make sure that both ACS and RA on same version with same patch level. Make sure to have latest patch applied to both.

You want to say "Thank you"? Don't. Just rate the useful answers, that is more useful than "Thank you".

Rating useful replies is more useful than saying "Thank you"
0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card