Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
365
Views
0
Helpful
5
Replies

Can't login to web GUI since upgrade

m.surtees
Level 1
Level 1

‎07-29-2007 03:51 AM - edited ‎03-09-2019 06:29 PM

Hi,

Moved from 4.1.7.E to 4.7.2.L on a 3020 Concentrator and although I get the login page, accepting certificates etc., I can't login ... I can ssh to the dos style menu, vpn connections work fine, all is good except ... I can't login.

Any help much appreciated,

Mike

Labels:
0 Helpful
5 Replies 5

johnd2310
Level 8
Level 8

‎07-29-2007 04:22 AM

Hi Mike,

Try clearing your browser cache.

thanks

John

**Please rate posts you find helpful**
0 Helpful

m.surtees
Level 1
Level 1
In response to johnd2310

‎07-29-2007 04:51 PM

Hi John,

Yup, I tried all that like the upgrade doco said, did so on both Firefox and IE and still no joy.

It is as if I have the username / password incorrect (which I don't). Or it does not allow https connections even though it gives the login page.

Still a mystery.

Thanks anyway,

Mike

0 Helpful

m.surtees
Level 1
Level 1
In response to m.surtees

‎07-29-2007 08:22 PM

What might help is if I new what logs to send to syslog. I'm sending AUTH (amongst others) and can see myself login successfully via SSH, and can see SNMP connections ... BUT nothing - failed or attempted or anything via http / https.

This is the case even if I deliberately use incorrect login details.

*sigh* Why won't it work?

Mike

0 Helpful

johnd2310
Level 8
Level 8
In response to m.surtees

‎07-30-2007 01:30 AM

Hi Mike,

Go through your http/https config could be that it is trying to authenticate to non-existing radius or tacacs for web admin.

thanks

John

**Please rate posts you find helpful**
0 Helpful

m.surtees
Level 1
Level 1
In response to johnd2310

‎07-30-2007 11:23 PM

John,

This has been a nightmare but it seems fixed now. It is an HTTPS configuration element - thank you - but I had fiddled with pretty much everything including this before. I probably just had not done so in the correct combination. Also I was working on the CLI of a OS I had not worked with before (4.7.2 as opposed to 4.1.7)

For final closure of this conversation I below is the solution from a CLI point of view. Might want to paste it into an ascii editor with a wider page to enjoy what formatting there is.

Configuration > Tunneling & Security > SSL

> HTTPS > Enable/Disable HTTPS > Disable HTTPS ERROR:-- Instance Error

ERROR:-- The SET Failed.

------------------------------------------

| Tried the above just to do *something* |

| Then back to default: |

------------------------------------------

> Enable HTTPS

> Enable/Disable Client Authentication > Disable Client Authentication

----------------------------------------------

I Believe the above is the change that made the difference. Looking at a comparison of the not working post-upgrade config and the one after the above change the difference is:

NOT working line 25: httpscertrequired=1

WORKING line 25: httpscertrequired=2

I also accepted the default value below before I compared configs but I don't think it made a difference

----------------------------------------------

> Protocols > Set SSL Version -> Negotiate SSL V3/TLS V1

Thanks for your help

0 Helpful
Customers Also Viewed These Support Documents