Authenticating Juniper WX over Cisco ACS 4.1

Unanswered Question
May 29th, 2008
User Badges:

Hi, I'm trying to authenticate Juniper WX WAN Accelrator over Cisco ACS 4.1 using RADIUS.I get the juniper device to communicate with the ACS server, but cannot log in with my RADIUS user/password


Under ACS Reports and Activities - Failed Attempts, I get Authentication Failure Code 'ACS password invalid', when I log in with the CORRECT RADIUS user/password


and


when I log in with the Juniper device local user/pass OR any other arbitary user/pass I get Authentication Failure Code ' External DB is not operational'


Does anyone know what could cause the problem?


Thanx for your replies!!


Frode


  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
darpotter Thu, 05/29/2008 - 10:41
User Badges:
  • Silver, 250 points or more

Sounds like a classic case of the shared secret not being the same on both ends. Its so easy to mess that up and people will swear they are identical only to have it work when they re-enter them :)


Also, from the second case it looks like you have the unknown user policy only partially configured, eg enabled but no working external db.

frodestra Thu, 05/29/2008 - 23:23
User Badges:

Hi, I've tried re-entering the shared keys and the user password, but I still get the same error message.


I wondering if the WAN Accelrators required its own set of RADIUS dictionary files, to work with the ACS, but I cannot find such an option in the documentation


(I have my Cisco Routers & Switches working perfectly on TACACS+, so there can't be a pro blem with the ACS)

Actions

This Discussion