Secure ACS 4.1 won't let me "Local Admin"

Unanswered Question

I have 2 fresh out of the box Windows 2003 Servers/SP2 on Sun Platforms that I have installed and then upgraded to

Once installed and I finish the installation I have the service start and the Admin interface come up in a browser.

I get the following screen message:

Invalid Administration Connection.

This machine cannot be used for administration.

Contact the System Administrator for access.

The url is and then the port number jumps all ever the place and screen refreshes with the same information. I have added the loopback address to trusted sites in IE 7.0 and even tried Firefox. I have tried running a script from the TAC to allow allow local logins and also shutting the CSAdmin and CSAuth down and restarting. I am running Java JRE 1.6.0_07. Now the odd thing is that I can reach the server from my workstation with the ip:2002 and I get the ACS login screen but I cannot login as nothing is set yet. The only thing I haven't done yet is actually add the servers to the Windows Domain but I can't see where that is necessary and the Cisco Documentation isn't clear on that.

I would appreciate any feedback or suggestions especially from the SME's here.



I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 1 (1 ratings)
hadbou Tue, 09/30/2008 - 15:16

By default, CiscoSecure ACS send the message "Invalid Administration Connection" when you attempt to access it with an IP address not in a permitted range. You can disable this message. To do so, select Administration Control> Session Policy and deselect the Respond to invalid IP address connections check box. Also use an valid ip address in the permitted range

The problem was NVIDIA ForceWare Network Access Manager. That came loaded on the Sun Server we are using for ACS. I found references to it in the even logs and not being a Windows Server person I had to grab someone who was and to be honest even they didn't get it. I started uninstalling any virus and security S/W one at the request of the TAC and removing NVIDIA Forceware did it.


This Discussion