Running ACS 4.1 for windows. AD environment. Using Odyssey client with Leap auth. Having an issue with some user names working and then others are not. User accounts are basic domain user accounts. Created a new user account and made sure it matched exactly as an account that is working. Checked the ACS log and it states auth failed and the reason code is Internal error. I am stumped as to why some accounts work and other accounts do not. Anyone come across this or have any ideas on this? I have checked to make certain the account is set for dial-in access.
Actually i found out what was going on here. Yes the accounts are setup in ACS with Domain\username We are running the latest version of ACS. In ACS under external user databases\database configuration\windows database there is a setting Verify that "Grant dialin permission to user". However this was not working for all accounts. Even though the account was definately set for dial-in access it would fail with an error "internal error" Since i am using a special account for our wireless LEAP authentication i removed the check mark from the ACS setting so that it did not verify if account had been set for dial-in access and it has been working fine since. If anyone else runs into this problem give that setting a shot and see if that helps.
Transferring Crash file from standby: Login to the Active WLC in HA.
From CLI: (Cisco Controller) >transfer upload datatype crash (Cisco
Controller) >transfer upload filename (Cisco
Controller) >transfer upload mode tftp (Cisco Controller) >transfer
This is the start of a display filter cross reference between Wireshark
and OmniPeek. The 1st installment is a table of advanced filters. More
filters will be added as time allows. It is a living doc, so check back
for changes every so often Please feel f...