01-19-2010 05:57 AM
Hi,
I wounder if anyone could help me. I have an ACE appliace running. I have created a new Context and have done all the configuration i.e. interfaces, loadbalancing, domain, users etc. Only problem and very basic one is that I am unable to login to the Context directly. I can acess the Contect with it's management IP but when I try to login I get "Invalid User Name/Password." message.
I can only login in Admin context. Is there anyting I am missing?
Rgds,
01-19-2010 06:11 AM
Hi,
Did you create a policy for remote access to that context and add the it to the interface?
Typically there is a remote_mgnt service policy - this is used to access the managemnet entity on a specific interface.
Thanks
Eric
01-19-2010 06:56 AM
Hi Eric,
Thank you for your reply.
Yes all the policies are in place. I can browse to we Console and Telnet but unable to login. Here is the Context config (It is one armed design with client/server and ACE on same VLAN). None of the users defined in here can login.
access-list ALL line 8 extended permit ip any any
access-list ALL line 16 extended permit icmp any any
probe http Probe_HTTP
interval 5
passdetect interval 60
expect status 200 200
open 10
rserver host Server1
ip address 192.168.0.2
conn-limit max 4000000 min 4000000
inservice
rserver host Server2
ip address 192.168.0.23
conn-limit max 4000000 min 4000000
inservice
serverfarm host Farm1
probe Probe_HTTP
rserver Server1 80
conn-limit max 4000000 min 4000000
inservice
rserver Server2 80
conn-limit max 4000000 min 4000000
inservice
sticky http-cookie XYZ_Cookie XYZ_Cookie
serverfarm Farm1
class-map type management match-any Management
201 match protocol http any
202 match protocol https any
203 match protocol icmp any
204 match protocol kalap-udp any
205 match protocol ssh any
206 match protocol telnet any
207 match protocol xml-https any
class-map match-all XYZ_VS
2 match virtual-address 192.168.0.9 tcp eq www
policy-map type management first-match Management
class Management
permit
policy-map type loadbalance first-match XYZ_VS-l7slb
class class-default
serverfarm Farm1
policy-map multi-match int3
class XYZ_VS
loadbalance vip inservice
loadbalance policy XYZ_VS-l7slb
nat dynamic 5 vlan 2
interface vlan 2
description Server VLAN
ip address 192.168.0.6 255.255.255.0
alias 192.168.0.8 255.255.255.0
peer ip address 192.168.0.7 255.255.255.0
access-group input ALL
nat-pool 5 192.168.0.9 192.168.0.9 netmask 255.255.255.0 pat
service-policy input int3
service-policy input Management
no shutdown
domain XYZ_Domain
add-object all
ip route 0.0.0.0 0.0.0.0 192.168.0.20
username XYZadmin password 5 *********** role Admin domain default-domain
username XYZusr password 5 ********* role Network-Monitor domain XYZ_Domain
snmp-server contact "ANM"
snmp-server location "ANM"
Thank you.
01-19-2010 08:39 AM
Errr... i managed to resolve it
username XYZadmin password 5 *********** role Admin domain default-domain
username XYZusr password 5 ********* role Network-Monitor domain XYZ_Domain
Should have been
username XYZadmin password 0 *********** role Admin domain default-domain
username XYZusr password 0 ********* role Network-Monitor domain XYZ_Domain
I was specifying encrypted password instead of clear text.
01-19-2010 05:06 PM
That is great to hear.
Thanks
Eric
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: