SSL Authentication failure to ASA

mbroberson1 · ‎09-13-2007

We have a Cisco ASA 5520 running 7.1. We have users that connect via SSL. There are times when a user tries to logon via SSL that they get login failed multiple times and then say 10 or 30 minutes later authentication will succeeed. The failed attempt happens so fast that it is almost like there is no auctual attempt at authentication, almost like it is a cache or browser cache setting, because I can use a test pc and login. When my test pc is having this issue, I can use a second test pc and authentication will work. Does anyone else seem to be experiencing this issue? Could it be a browser issue? Users are using a combination of IE 6.0 and IE 7.0.

Thanks

umedryk · ‎09-19-2007

Verify your RADIUS configuration with the Test button on the AAA Server Groups configuration screen. Once you supply a username and password, this button allows you to send a test authentication request to the ACS server.

Choose Configuration > Remote Access VPN > AAA Setup > AAA Server Groups.

Select your desired AAA Server group in the top pane. Select the AAA server that you want to test in the lower pane. Click the Test button to the right of the lower pane. In the window that appears, click the Authentication radio button, and supply the credentials with which you want to test. Click OK when finished

mbroberson1 · ‎09-20-2007

We are using TACACS, will this still apply?

mfreijser · ‎09-20-2007

This will apply to any kind of authentication server that you have configured in the AAA server groups on your ASA.

Regards,

Michael