AGAIN... aCS2.6 on W2k advanced server with bug!!!!
This is my second post regarding ACS2.6 bugs...
The problem is:
As you know;-) I have an acs2.6 server on W2k advanced server , My ACS uses its Dbase to authenticate My users.
The users Using it to connect to the internet and sometimes many of my users logged into my network through the acs and when they disconnected from my system, I noticed that they still exist on the acs server , and since i made a single session to my users , they cannot enter again till i make a purge to the user.
Please this is a big problem for me so can u help me to solve it?
Re: AGAIN... aCS2.6 on W2k advanced server with bug!!!!
What "system" are they disconnecting from, and how are they disconnecting? Is this a dialup server and you're authenticating PPP connections? I presume you're doing accounting also since this is the only way that ACs knows that a person is still logged on. ACS relies on receiving an Accounting Stop record when the user logs out to know that the user is no longer logged in, so can you verify that the Stop record is being generated and sent correctly by the "system".
If this is an IOS router, then you can do "debug aaa account" to see when/if the Stop record is generated. Can you run some tests to find out if your users disconnect in a certain way (just power off their machine as opposed to actually disconnecting their session) then the "system" won't send a Stop record?
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...