Hi, I installed the ACS 5.2 VMware image to test some scenarios. I have a problem with setting the Active Directory configuration. It worked when I first set this up; since then I can see Status: CONNECTED in the Connection Detail page, but I am not able to list any AD groups, and when I click on Test Connection, after a few seconds I obtain the error message: connection test to "MyDomain" failed. Further information status: Network Time Protocol status error. The NTP client on the ACS server is set up to the AD controller, and I checked the clock on both sides and the difference is at the level of seconds. Has anyone had or solved this problem? Thank you for any help. P.
Also, ACS 5 relies heavily on DNS to find the correct SRV and global catalog records. If there is any fake record, it won't work. There was a very good post early this year, but I can't find it. Basically you need to take sniffer traces to find out what records ACS is looking for, and what the DNS replies are. If there is any mismatch, ACS won't be able to connect to AD. Hope this helps.
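The record comparison described in the reply above, as an added example that is not part of the original thread: it takes DNS answers copied from a trace in zone-file form (as `dig` prints them) and flags SRV targets that do not resolve or are not real domain controllers. Assumptions: the domain `example.test`, the known-DC list and all sample records are constructed, the function names are hypothetical, and the SRV names are the standard AD locator records; which of them ACS actually queries is what the trace tells you.

```python
# Added example: sample records below are constructed, not taken from the thread.
# Standard AD locator SRV names; which of them ACS queries is what the trace shows.
SRV_NAMES = ("_ldap._tcp.dc._msdcs.{d}", "_kerberos._tcp.{d}", "_gc._tcp.{d}")

def parse_records(text):
    """Parse zone-file style lines (as printed by dig) into SRV and A maps."""
    srv, a = {}, {}
    for line in text.strip().splitlines():
        f = line.split()
        if len(f) < 5 or f[2].upper() != "IN":
            continue
        name, rtype = f[0].rstrip(".").lower(), f[3].upper()
        if rtype == "SRV" and len(f) >= 8:
            # SRV rdata: priority weight port target
            srv.setdefault(name, []).append((int(f[6]), f[7].rstrip(".").lower()))
        elif rtype == "A":
            a.setdefault(name, []).append(f[4])
    return srv, a

def check_ad_srv(domain, text, known_dcs):
    """Return (record name, problem) pairs for answers that lead away from a real DC."""
    srv, a = parse_records(text)
    known = {h.lower() for h in known_dcs}
    findings = []
    for tmpl in SRV_NAMES:
        name = tmpl.format(d=domain.lower())
        if name not in srv:
            findings.append((name, "no SRV answer"))
            continue
        for port, target in srv[name]:
            if target not in a:
                findings.append((name, f"{target}:{port} has no A record"))
            elif target not in known:
                findings.append((name, f"{target}:{port} is not a known DC"))
    return findings

SAMPLE = """
_ldap._tcp.dc._msdcs.example.test. 600 IN SRV 0 100 389 dc1.example.test.
_ldap._tcp.dc._msdcs.example.test. 600 IN SRV 0 100 389 olddc.example.test.
_kerberos._tcp.example.test. 600 IN SRV 0 100 88 dc1.example.test.
_kerberos._tcp.example.test. 600 IN SRV 0 100 88 lab-dc.example.test.
dc1.example.test. 3600 IN A 192.0.2.10
lab-dc.example.test. 3600 IN A 192.0.2.99
"""

if __name__ == "__main__":
    for name, problem in check_ad_srv("example.test", SAMPLE, ["dc1.example.test"]):
        print(f"{name}: {problem}")
```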