Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 

Cisco Secure Access Control Server (ACS) not able to authenticate the user/client if remote logging fails

Core issue

This issue arises due to Cisco bug ID CSCeg40355.

If a Cisco Secure ACS that is configured for remote logging fails to successfully transmit an accounting log to the remote server, authentication attempts to the ACS server during this time may fail.

The authentication failure may not be reported at all, or it may be reported incorrectly (as being successfully authenticated).

Note: The authentication reports show that the credentials are good and the authentication request did pass. What failed is the RADIUS accounting request since RADIUS authentication was not available. Then the actual logging failed. This is the right behavior.

Resolution

As a workaround, perform either one of these two steps:

  • The issue can be fixed by disabling the remote logging functionality altogether, or correct the cause of the logging failure.

  • This issue has been fixed in ACS SE version 4.0. In order to download the ACS SE software, refer to the ACS Software Download page.

Problem Type

Troubleshoot software feature

Connectivity

Product Family

Cisco Secure access control server

1109
Views
0
Helpful
0
Comments