Cisco ACS UCP

Unanswered Question
Aug 14th, 2008
User Badges:

I have configured UCP on a windows server according to the instructions mentioned in the Cisco manual.


I have used a private address and the link is something like hxxp://172.16.0.51/secure/login.htm


It's perfectly alright when i access it from the internal network and i can change the password well.


I have natted 172.16.0.51 to a Public Ip say 250.xxx.xxx.xxx


Now from the internet i access hxxp://250.xxx.xxx.xxx/secure/login.htm,

i main page opens without the images, when i type in the username and password, the page looks for the local address 172.16.0.51, obviously it can't connect.


How can i solve this problem?


Thankyou in advance.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Jagdeep Gambhir Fri, 08/15/2008 - 05:23
User Badges:
  • Red, 2250 points or more

Vic,

ACS isn't supported in a NAT environment. Same rule applies for ACS-UCP communication.


Regards,

~JG


victor_87 Fri, 08/15/2008 - 06:33
User Badges:

I think ACS is not supported in NAT environment because it dynamically changes the ports being used by the ACS admin page, Also i think i read somewhere that the ACS admin port can be made static.


However it is not recommended to publish ACS onto the internet.


But this cannot logically be true for UCP, because, one of the major features of ACS authenticating remote access VPN's. So remote access VPN users are basically outside the LAN environment environment and also the remote access users access resourses other than that existing in the LAN where i have the UCP server.


So i require then to change the password without accessing the Local LAN where the server exists, and the best possible way is through the internet directly.


And i have seen a similar kind of problems with many other pages in the internet when i was browsing, like i can access all components on a page and when i click on one particular component, it looks for a private address and the connection times out, there must be a solution.


lets see if someone else can answer.

victor_87 Sat, 08/16/2008 - 09:29
User Badges:

I need to rate myself, actually the UCP software must have asked me for the ip address of the sevrer when i was installing it, i must have entered the private Ip and the software hardcoded the private Ip in all the HTml pages thats y it was causing problems when accessing from the internet, i finally got it working.


Thanks a lot everyone.


UCP is accessible well from the internet now.

Actions

This Discussion