Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

Caller-id absent in failed attempts

Hi all experts.

I am using ACS 3.3 but pls dont run away since i am facing very odd issue. In my failed attempt logs, there are times when the caller-id is not present( means blank). What could be the possible reason for that ?

Thanks in advance

2 REPLIES
New Member

Re: Caller-id absent in failed attempts

Information in the "Caller-ID" depends on the information being sent from
the NAS to ACS.



For TACACS -- whatever is being passed from NAS to ACS in the "rem_addr"
field that will be logged in "Caller-ID".

For RADIUS -- whatever is being passed from NAS to ACS in the "Calling
Station ID (31)" attribute that will be logged in "Caller-ID".



It also depends on the type of connection you are using:

-For dial-in it will be telephone number from which you are dialing if the
TELCO forwards that information otherwise it will say "async".

-For telnet it will log the IP address of the client.

-For wireless device it will log the MAC address.



So, it depends on the information being passed from NAS to ACS and the type
of authentication protocol you are using. If NAS doesn't pass the info then
it will be blank.

You can run #debug aaa authentication
#debug radius (or tacacs)

and verify the fields
Cisco Employee

Re: Caller-id absent in failed attempts

John,

     Also to add to this it depends on what the failure reason is as well.  If the resason is "EAP Session Timeout" then that is just a thread timeout in ACS and ACS will not post the caller-id in the logs.

--Jesse

591
Views
0
Helpful
2
Replies
CreatePlease to create content