Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Key in ACS magically changing on its own?

We are still running ACS v3.3.4.12.6/7 in several infrastructures mixed with 1111s, 1112s and 1113s.  I know, we are out of support.  We have some of our upgrades in hand and will be starting soon.  We have almost 40 of these appliances in 5 different infrastructures around the world so we have a lot of work to do .  Until then, we are dealing with a nagging problem and wondered if there was an explanation or solution.  Unfortunately the infrastructure that sees this problem the most cannot be upgraded just yet.

Periodically, the key in a client entry changes, causing authentication failures.  Because we have many AAA clients that include possibly 100s of IPs, the failures can be widespread.  The key almost always changes to this:

480d;0164g7?22?251176?1f<d183`593`<164546n6c:0133=3=75<71353

From testing, it appears that one cause is using Firefox when making edits.  We know that browser is not supported so we are not using it.  I suspected IE8 was causing it too, but I have been unsuccessful in proving that.  Those of us making edits are using IE6.

Does anyone know what could be causing this?  

2 REPLIES
Cisco Employee

Re: Key in ACS magically changing on its own?

We have seen this problem before, usually tracked to a combination of browser/java version in use, and sometimes due to database corruption.

New Member

Re: Key in ACS magically changing on its own?

I don't suppose you have any documented combinations that you know cause this problem, do you?  While its not too difficult to determine browsers that can cause this problem, its a bit more difficult when Java is included as a variable.

I've seen this in multiple ACS infrastructures, so I'm inclined to think (or hope), that its not due to db corruption, athough I definitely would not dismiss that as an option.  DB corruption seems to be a common occurance in ACS v3.x with the db being registry-based.

Has this problem been seen in ACS v4.2?  We are getting ready to upgrade to v4.2 and was hoping that would help.

Thanks!

193
Views
0
Helpful
2
Replies