Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

CSACS 3.3(1) to 4.1 authentication not working after upgrade? No logs?

Hi

So we've just done an upgrade of CSACS 3.3(1) to 3.3(3) and then from there to 4.1 as recommended. After the upgrade, all 'seems' to be fine with the server, all the services have started and seem to be running, the UDP ports are open (1812, 1813, 1645 and 1646), yet none of my clients are able to login via any NAS configured. There are no logs being generated on the server, no fails, no passes, nothing since the upgrade. The server and the NAS' can still ping each other just as before, nothing else has changed on the NAS or the network in general. During the upgrade, I choose to keep my existing configuration. Can anyone help? Please? Thanks

Jason

7 REPLIES

Re: CSACS 3.3(1) to 4.1 authentication not working after upgrade

Jason,

It seems to be a appliance , if that is the case then go to ,

acs ----> Interface config--->Advanced --->Enable all except last two.

Now go to acs----> Network configuration ----> Proxy table ----.Put deleverence 1 on the fwd to box and what ever you have under fwd to box drag it to the left box.

Regards,

~JG

New Member

Re: CSACS 3.3(1) to 4.1 authentication not working after upgrade

Hi

This is not an appliance, but the Windows based software server. Would these tips still apply? Thanks

Jason

Re: CSACS 3.3(1) to 4.1 authentication not working after upgrade

No , not for windows. Is the services running ? What is the OS and SP ?

New Member

Re: CSACS 3.3(1) to 4.1 authentication not working after upgrade

Hi

The services are all running, I've tried to stop and restart all CS* services. I've tried to reboot the whole server itself. It is running Windows Server 2003. One problem I noticed just now, the server does not have SP1 applied due to a conflict with another application running on that box and according to the CSACS4.1 release notes, SP1 is a requirement...but I don't know if not having it would cause these weird issues. Everything 'seems' to be running, open ports, etc, but nothing is happening. So I'm going to try to get this server updated to SP1 and see what happens from there. Do you think this SP1 missing would cause this strange problem? Thanks very much for your help.

Jason

Re: CSACS 3.3(1) to 4.1 authentication not working after upgrade

Hi Jason,

I don't think SP can cause this kind of issue but it is worth to try. Also I would suggest to sniff the NIC of acs and see if there is any traffic coming from the NAS, if it is there then it would be interesting to see how acs replied.

Also take debugs at the same time from NAS

debug aaa authentication

debug radius or tacacs (as per the case)

Also make sure that acs is set up as Cisco secure acs and NOT tacacs or radius.

ACS -->Network configuration---->AAA server--->Server type should be Cisco secure acs.

Regards,

~JG

New Member

Re: CSACS 3.3(1) to 4.1 authentication not working after upgrade

Hi

We let the server do its full set of Windows Updates last night and after the update and reboot, all authentication services started working properly again with no further changes. So it WAS the patch level that was causing the problem. Thanks for all your help.

Jason

Hall of Fame Super Silver

Re: CSACS 3.3(1) to 4.1 authentication not working after upgrade

Jason

I am glad that you were able to get this worked out. Thank you for updating the thread to indicate that you had found a solution to the problem. It makes the forum more useful when people can read about a problem and can read what provided the solution to the problem.

HTH

Rick

157
Views
0
Helpful
7
Replies
CreatePlease to create content