ASC 4.1 & ACS 3.3

Unanswered Question
May 21st, 2009
User Badges:

Hi everyone.

Task: MAC-authentication & assigning proper VLAN in Cisco ACS.

Switch configuration: standart AAA & dot1x configuration for this case.

ACS 3.3 & ACS 4.1 configurations are identical:

- groups with VLAN assigment

- users in groups (username - MAC-address like 00e018d84b58)

Authentication in ACS 3.3 works fine, switch port gets proper VLAN.

In ACS 4.1 authentication is not working! I've got Internal Error (Reports and Activity -> Failed Attemts).

What am I doing wrong? What configuration options I should look at?

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
darpotter Fri, 05/22/2009 - 01:32
User Badges:
  • Silver, 250 points or more

"Internal Error" usually means something has gone wrong inside ACS and is a catch-all for unexpected errors (sometimes bugs)

You'll have to delve into the CSRadius and CSAuth service logs to find the actual underlying error which should have been logged.

Post that error back here or ring the TAC.

Good luck

darpotter Fri, 05/22/2009 - 07:35
User Badges:
  • Silver, 250 points or more

Interesting... but its the error messages in the CSRadius and/or CSAuth service log files that will hold the detail.

You'll have to search these for the date/time when the problem happened.


This Discussion