Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

NAC Manager Failure during OS booting

Guys, i got a NAC manager appliance from cisco on which the NAC manager is installed. I configured failover on the server and during reboot, the boot stops at the line below and doesn't continue th enormal boot procedure:

EXT3-fs: mounted filesystem with ordered data mode

I can ping the server, but i can't access its web interface.So I tried to access the appliance via ssh and i succeeded. However the http service is not starting:

# service httpd start

[root@nacm1 ~]#Starting httpd: Syntax error on line 356 of /etc/httpd/conf/httpd.conf:

DocumentRoot must be a directory


I have another NAC manager, and i compared the /etc/httpd/conf/httpd.conf file on both appliances and its the same.

Your help is really appreciated



Re: NAC Manager Failure during OS booting

Before configuring high availability, ensure that:

•You have obtained a high-availability (failover) license

When installing a CAM Failover (HA) license, install the Failover license to the Primary CAM first, then load all the other licenses.

For heartbeat, each CAM needs to have a unique hostname (or node name). For HA CAM pairs, this host name will be provided to the peer, and must be resolved via DNS or added to the peer's /etc/hosts file.

•You have a CA-signed certificate for the Service IP of the HA CAM pair. (For testing, you can use the CA-signed certificate of the HA-Primary CAM, but this requires additional steps to configure the HA-Primary CAM's IP as the Service IP).

•The HA-Primary CAM is fully configured for runtime operation. This means that connections to authentication sources, policies, user roles, access points, and so on, are all specified. This configuration is automatically duplicated in the HA-Secondary (standby) CAM.

•Both Clean Access Managers are accessible on the network (try pinging them to test the connection).

•The machines on which the CAM software is installed have a free Ethernet port (eth1) and at least one free serial port. Use the specification manuals for the server hardware to identify the serial port (ttyS0 or ttyS1) on each machine.

•In Out-of-Band deployments, Port Security is not enabled on the switch interfaces to which the CAS and CAM are connected. This can interfere with CAS HA and DHCP delivery.