Integrate LMS 3.0.1 with Cisco Secure ACS 4.0.1

PJWHITBY
Level 1

Hi,

I am trying to integrate LMS 3.0.1 with Cisco Secure ACS 4.0.1.

Configuration done at ACS end:

1. ACS is integrated with the domain.

2. NDG group "CiscoWorks" has been created.

3. The LMS server has been added as a AAA client with the pre-shared secret key in the NDG in step 2.

Configuration done at LMS end:

1. LMS server has been switched to ACS mode.

2. ACS server IP address and ACS administrator username/password have been added, and the pre-shared secret has been matched.

After doing all this, when I apply those settings I get:

" Primary ACS Verification Status ( 10.x.x.x )

Tacacs+ Connectivity Reachable

HTTP/HTTPS Connectivity Reachable

AAA Client Not Configured

Secret Key Verification Not Applicable

System Identity User Not Applicable

Note : Verification failed for all ACS server(s). Please check your settings. "

I have tried everything, deleting, recreating, bug list, forum posts, etc, etc.

Can anybody please help me correct this error?

Thanks

1 Accepted Solution

Joe Clarke
Cisco Employee

Make sure you have opened all TCP ports on the ACS for administration (i.e. ports 1024 to 65535). This is only needed for initial integration. Afterward, it is safe to reduce this to no less than 10 open ports. Also, if this is an ACS appliance, make sure the ACS administrator user configured in LMS is NOT the appliance administrator. The ACS administrator must be another user which has all ACS privileges.

You are a star, it works, much appreciated.
