I am using ACS 5.3.I need to make macauthentication on Enterasys switch with Cisco ACS 5.3.I get the following error;
Parsing error or event type unknown:xxxxxxxxxxxxx ERROR RADIUS : RADIUS packet contains invalid attribute(s) ;Failed-Attepmt:Radius request dropped
How can I integrate Custom Attribute Enterasys A2 Switch with Cisco ACS 5.3 ?
Once I had problems with radius between a Cisco switch and Cisco ACS. The switch didn't understand some radius attributes, so I had to configure "radius-server vsa send authentication" in the switch, so the swith could understand Vendor Specific Attributes. That command fixed my problem.
I guess it's happening the same with your enterasys switch.
Another option will be to capture the packet sent from ACS to see what attributes is sending ACS. That way you can deduce which attributes are not understood by Enterasys and try to configure ACS not to send those attributes. But I really don't think the ACS is the problem but the switch.
I think what you need to do is define the Vendor attributes for this device
Can be done as follows:
Go to System Administration > Configuration > Dictionaries > Protocols > RADIUS > RADIUS VSA
can define the new RADIUS vendor by pressing "Create". Vendor ID is the assigned ID. Attribute prefix allows you to assign a standard prefix to all attributes for this vendor. Names of all RADIUS attributes must be unqiue across all vendors
Once have define the RADIUS vendor can select it from the list and press "Show Vendor Attributes". Can now define the attributes for this vendor. This option is also available from the left navigation by select the vendor name.
Note that adding/removing vendor attributes takes a little time (quite a few seconds) and so don't be perturbed