Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

CS-Mars and AAA ACS - fail

I try to setup a CS-Mars to AAA Cisco ACS

I setup the mars to RADIUS(Cisco VPN 3000/ASA/PIX 7.x+) with shared secret 1234

Cisco ACS hostname: cis04ba1

CS-Mars hostname: mars01ba1

I got this error logs in Failed Attempts

Viewing CSV File

Date Time Message-Type User-Name Group-Name Caller-ID Network  Access Profile Name Authen-Failure-Code Author-Failure-Code Author-Data NAS-Port NAS-IP-Address Filter  Information PEAP/EAP-FAST-Clear-Name EAP  Type EAP  Type Name Reason Access  Device Network  Device Group AAA  Server Cisco:PA:PA-Name Cisco:PA:PA-Version Cisco:PA:OS-Type Cisco:PA:OS-Version Cisco:PA:OS-Release Cisco:PA:Kernel-Version Cisco:PA:Machine-Posture-State Cisco:Host:ServicePacks Cisco:Host:HotFixes Cisco:Host:HostFQDN Cisco:Host:Package cisco-av-pair Cisco:HIP:CSAVersion Cisco:HIP:CSAOperationalState Cisco:HIP:CSAMCName Cisco:HIP:CSAStates Cisco:HIP:DaysSinceLastSuccessfulPoll NAI:AV:Software-Name NAI:AV:Software-ID NAI:AV:Software-Version NAI:AV:Scan-Engine-Version NAI:AV:Dat-Version NAI:AV:Dat-Date NAI:AV:Protection-Enabled Trend:AV:Software-Name Trend:AV:Software-ID Trend:AV:Software-Version Trend:AV:Scan-Engine-Version Trend:AV:Dat-Version Trend:AV:Dat-Date Trend:AV:Protection-Enabled
27/11/200908:42:02Authen failedtestAdministrator..(Default)External DB user invalid or bad password....test10.1.20.100..........mars01ba1DiverseCIS04BA1..

I have tried to set CS-Mars to RADIUS(IETF) this is the same

But why is there a user with username test

I upload a pdf file with screenshots

1 REPLY
Cisco Employee

Re: CS-Mars and AAA ACS - fail

Not sure which resources you used to configure this, but this looks like Cisco ACS server, so "Generic AAA server" will cause us to parse logs from this device wrong on MARS.

Follow this guide to add the ACS server to MARS:

http://www.cisco.com/en/US/docs/security/security_management/cs-mars/6.0/device/configuration/guide/cfgAaaSv.html#wp914530

There is also a section in here on bootstrapping your ACS for MARS:

http://www.cisco.com/en/US/docs/security/security_management/cs-mars/6.0/device/configuration/guide/cfgAaaSv.html#wp914530

Make sure you have done both the above. You might even want to start over with everything you have done thus far.

-Elly

788
Views
0
Helpful
1
Replies