ASC 4.1 & ACS 3.3

Unanswered Question
May 21st, 2009

Hi everyone.

Task: MAC-authentication & assigning proper VLAN in Cisco ACS.

Switch configuration: standart AAA & dot1x configuration for this case.

ACS 3.3 & ACS 4.1 configurations are identical:

- groups with VLAN assigment

- users in groups (username - MAC-address like 00e018d84b58)

Authentication in ACS 3.3 works fine, switch port gets proper VLAN.

In ACS 4.1 authentication is not working! I've got Internal Error (Reports and Activity -> Failed Attemts).

What am I doing wrong? What configuration options I should look at?

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
darpotter Fri, 05/22/2009 - 01:32

"Internal Error" usually means something has gone wrong inside ACS and is a catch-all for unexpected errors (sometimes bugs)

You'll have to delve into the CSRadius and CSAuth service logs to find the actual underlying error which should have been logged.

Post that error back here or ring the TAC.

Good luck

darpotter Fri, 05/22/2009 - 07:35

Interesting... but its the error messages in the CSRadius and/or CSAuth service log files that will hold the detail.

You'll have to search these for the date/time when the problem happened.

Actions

This Discussion