Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1132
Views
0
Helpful
2
Replies

Problems between ACS v4.1 and Radius Client Simulator

dal
Level 3
Level 3

‎06-29-2007 03:26 AM

I'm trying to setup a Vacman Middleware v3 solution, and I am using their Radius Client Simulator to test the setup before I put it in production.

But when I try to authenticate against my Cisco ACS v4.1, I only get errors.

I try to authenticate with my regular user, which I use to connecting my laptop to the wireless network and to log into switches with, so I KNOW this user works.

But when using this user with the Client Simulator, I get this error from ACS:

External DB user invalid or bad password.

Except when I use MSChap2 as protocol in the simulator, then the ACS gives me an Authentication OK. But the simulator still gives me error either way.

The error in the simulater goes like this:

Test [1]: login failed - invalid response authenticator.Mismatched shared-secret is a possibility.

Strange thing is, this error appears whether I use the correct shared secret or not.

If I use the Client Simulator agains the Radius Client in Vacman Middleware, it works.

So therefor I'm leaning towards that it's something wrong with the ACS setup.

Any ideas?

Thanks.

Labels:
0 Helpful
2 Replies 2

rochopra
Cisco Employee
Cisco Employee

‎06-29-2007 04:25 AM

Hi,

It seems that the user you are trying to authetnicate is not found by ACS in its local database and it is sending it to some external database, The user is also not found in exyternal database.

can you try creating a new user local to ACS and check if you are able to authenticate with that user.(try to create this user in a group which is not already being used)

Also the network is

1. Radius Client --> VMS --> ACS

Or

2. Radius Client --> ACS

If it is setup like 1

make sure you check Shared Secret at Redius client, VMS and ACS

hope this helps

Regards

Rohit Chopra

0 Helpful

dal
Level 3
Level 3
In response to rochopra

‎06-29-2007 04:43 AM

Thank you for your answer.

As I said, the user I'm trying is my regular user name, so it exists and works very well.

But I also tried to create a local user, but then I get this error instead: CS password invalid.

I have tried to look up that error, but I can only find something about TACACS+.

And yes, the network setup is like in 2., Radius Client --> ACS.

Thanks

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents