ACS 4.2 - Issue with Login on Web administration

Unanswered Question
Oct 1st, 2010
User Badges:

Dear all.


We are experiencing issue with one of our ACS server.

Regularly, we are not able to login on WEB admin page of ACS.The only way to solve the issue is to restart CSadmin till the next crash.

The web service is UP but it is like the Java client is never launched.


I did a test.... I restarted the service, launched several Web admin connections without problem. I started a download of .cab files from ACSView server without problem and after several minutes (don't know how many exactly) I'm not able to logon


ACS version is 4.2(0) Build 124 Patch 17.


I join the CSadmin log. (the log file starts at the beginning of the test.)


Many thanks in advance for your help.

Attachment: 
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
aneelaka Fri, 10/01/2010 - 15:09
User Badges:

Is this for ACS on windows, could you try both HTTP and HTTPS access, below error shows on log:


ADMN 10/01/2010 14:33:51 I 1554 0992 0x0 Connection attempt to HTTPS server using the HTTP protocol. Sending redirect to HTTP

ADMN 10/01/2010 14:33:51 I 1094 0992 0x0     Received HTTP request "GET /redirect.exe?args=dummy HTTP/1.0".

ADMN 10/01/2010 14:34:21 E 0282 0992 0x0 HTTP request receive processing terminated.


Also make sure the  web port is not being used by other application

You could try a command like this:

netstat -o -n -p tcp | findstr /i 2002

if you get a match, the last number should be the process id - relate that with task
manager to get the name of the process listening on tcp 2002.


- add the the following ip address in trusted site of the internet expolorer in the
machine you are trying to access the ACS from.

Tools --> internet options --> security --> trusted sites --> add:
127.0.0.1:2002.

- Install the Java virtual machine on the same machine.
ybilteryst Tue, 10/05/2010 - 02:31
User Badges:

Hi,


All of your prerequesites listed in the previous message are in place. The problem is after a undefined time, we are not ablt to log on ACS Admin Web Service. The only solution I have is to restart CSadmin service.


When I did the test, the netstat command shown the TCP port is opened correclty but nothing happened in Web Browser. See here below:


C:\Documents and Settings\adm>netstat -o -n -p tcp | findstr /i 2002
  TCP    10.0.46.65:2002        10.0.45.100:3542       ESTABLISHED     2416

aneelaka Tue, 10/05/2010 - 15:07
User Badges:

Let me know if you are ok to  take the backup of ACS and reinstall and reload the dump file and test it

yabilteryst Thu, 10/07/2010 - 01:42
User Badges:

If it is the only way to proceed I will do but not for the moment...

I don't know if backup file contains new Radius dictionnary and AD Mappings.

aneelaka Thu, 10/07/2010 - 10:51
User Badges:

Components Backed Up

The ACS System Backup feature backs up the ACS user database that is  relevant to ACS. The user database backup includes all user information,  such as username, password, and other authentication information,  including server certificates and the certificate trust list.


http://www.cisco.com/en/US/docs/net_mgmt/cisco_secure_access_control_server_for_windows/4.2/user/guide/SCBasic.html#wp222466

jedubois Thu, 10/07/2010 - 14:11
User Badges:
  • Cisco Employee,

Hello,

     If you are not comfortable sending your backup in this forum you are welcome to open a TAC case where you can use a secure method to send your backup directly to a TAC engineer.

--Jesse

ybilteryst Fri, 10/08/2010 - 01:52
User Badges:

OK, I will open a case and send the backup file.


Thanks for your support.

Actions

This Discussion