ACS needs to put in password multiple times to authenticate

suthomas1 · ‎10-13-2009

We have devices which use ACS as AAA. On most of the devices, there is a need to put the login/password multiple times( around 2 to 3) before it successfully allows to login.

If the logins are again followed up within a very short duration it sometimes allows you within first attempt, but as a whole it needs atleast 2 attempts before ACS allows us in even with correct logins.

Any suggestions to rectify this would be appreciated.

Thanks.

Collin Clark · ‎10-13-2009

Check the logs in ACS (failed authentications) and check the log in the router. If it's losing communications with the ACS server, it will be in there and pretty obvious.

suthomas1 · ‎10-18-2009

ACS gives me following error:

External DB user invalid or bad password; for the first two attempts & the third attempt is successful. There are no link issues between this device/ACS.

Thanks.

Collin Clark · ‎10-19-2009

Where are the user accounts? Are they local on ACS or is ACS proxying to something like Windows AD?

suthomas1 · ‎10-20-2009

the users accounts are linked to windows AD database.

Collin Clark · ‎10-20-2009

That typically means 1)you entered the wrong password 2) communication problems between ACS and the domain controller(s)

s.aliyarukunju · ‎10-29-2009

Hi thomas,

I am also experiencing the exact same issue.We have 2 ACS appliance and whenever i try to do VPN connection , at first attempt it is prompting 2 times to enter AD user name & password.Once it get connected and when i try to reconnect, it will ask for 1 time only.

It would be highly appreciated if you could provide me the solution for this issue.