Cisco Support Community
New Member

Integrate LMS 3.0.1 with Cisco Secure ACS 4.0.1

Hi,

I am trying to integrate LMS 3.0.1 with Cisco Secure ACS 4.0.1.

Configuration done at ACS end:

1. ACS is integrated with the domain.

2. NDG group "CiscoWorks" has been created.

3. The LMS server has been added as a AAA client with the pre-shared secret key in the NDG in step 2.

Configuration done at LMS end:

1. LMS server has been switched to ACS mode.

2. ACS server IP address, ACS administrator username/password has been added and the pre-shared secret has been matched.

After doing all this, when I apply those settings I get:

" Primary ACS Verification Status ( 10.x.x.x )

Tacacs+ Connectivity Reachable

HTTP/HTTPS Connectivity Reachable

AAA Client Not Configured

Secret Key Verification Not Applicable

System Identity User Not Applicable

Note : Verification failed for all ACS server(s). Please check your settings. "

I have tried everything, deleting, recreating, bug list, forum posts, etc, etc.

Can anybody please help me correct this error?

Thanks

Accepted Solutions
Cisco Employee

Re: Integrate LMS 3.0.1 with Cisco Secure ACS 4.0.1

Make sure you have opened all TCP ports on the ACS for administration (i.e. ports 1024 to 65535). This is only needed for initial integration. Afterward, it is safe to reduce this to no less than 10 open ports. Also, if this is an ACS appliance, make sure the ACS administrator user configured in LMS is NOT the appliance administrator. The ACS administrator must be another user which has all ACS privileges.

New Member

Re: Integrate LMS 3.0.1 with Cisco Secure ACS 4.0.1

You are a star, it works, much appreciated.
