Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
446
Views
0
Helpful
2
Replies

Key in ACS magically changing on its own?

mmletzko
Level 1
Level 1

‎03-25-2010 06:54 AM - edited ‎03-10-2019 05:01 PM

We are still running ACS v3.3.4.12.6/7 in several infrastructures mixed with 1111s, 1112s and 1113s.  I know, we are out of support.  We have some of our upgrades in hand and will be starting soon.  We have almost 40 of these appliances in 5 different infrastructures around the world so we have a lot of work to do .  Until then, we are dealing with a nagging problem and wondered if there was an explanation or solution.  Unfortunately the infrastructure that sees this problem the most cannot be upgraded just yet.

Periodically, the key in a client entry changes, causing authentication failures.  Because we have many AAA clients that include possibly 100s of IPs, the failures can be widespread.  The key almost always changes to this:

480d;0164g7?22?251176?1f<d183`593`<164546n6c:0133=3=75<71353

From testing, it appears that one cause is using Firefox when making edits.  We know that browser is not supported so we are not using it.  I suspected IE8 was causing it too, but I have been unsuccessful in proving that.  Those of us making edits are using IE6.

Does anyone know what could be causing this?  

Labels:
0 Helpful
2 Replies 2

Javier Henderson
Level 4
Level 4

‎03-25-2010 09:40 AM

We have seen this problem before, usually tracked to a combination of browser/java version in use, and sometimes due to database corruption.

0 Helpful

mmletzko
Level 1
Level 1
In response to Javier Henderson

‎03-25-2010 11:03 AM

I don't suppose you have any documented combinations that you know cause this problem, do you?  While its not too difficult to determine browsers that can cause this problem, its a bit more difficult when Java is included as a variable.

I've seen this in multiple ACS infrastructures, so I'm inclined to think (or hope), that its not due to db corruption, athough I definitely would not dismiss that as an option.  DB corruption seems to be a common occurance in ACS v3.x with the db being registry-based.

Has this problem been seen in ACS v4.2?  We are getting ready to upgrade to v4.2 and was hoping that would help.

Thanks!

0 Helpful
Customers Also Viewed These Support Documents