I recently upgraded our Cisco Secure AS to ver 3.2 but have encountered problems. I have users who authenticate to a checkpoint NG FP3 firewall, which passes the authentication to cisco secure (radius) and cisco secure authenticates against a Novell NDS DB. This all works with 3.0(1) but with 3.2 it fails with the message "External DB user invalid or bad password", even though i know the credentials passed are correct. I had to roll back to allow users to connect.
Has anyone got an any ideas on this or seen it before?
I remember reading somewhere that a user must preface their username with the domain backslash to get authenticated. Please see if this might be the cause of the problem. Another possibility is bug CSCdu63791 'T+ enable partially broken for external db users'.
RADIUS and Symantec VIP.
I will use screenshots of ASDM, and at the end I will add the required CLI commands. the diagram below show a diagram of the steps the FW goes through when using 2FA authentication:
As you can see in Fig. 1&nbs...
Unable to get signature update from cisco.com
1. Make sure the router can get name resolution. Configure the router with a proper DNS name server.
ISR4451#utd threat-inspection signature update server cisco username xxxxx password yyyyy