Re-Authentication at ACS server happens when a Teklogix Hand Held Roams

Similar Messages

• Software to test RADIUS/TACACS authentication to ACS server

  Hi experts,
  Is anyone aware of a software that will test RADIUS and/or TACACS authentication to an ACS server from a PC? Same as what you can do on the Cisco VPN concentrator from the page Configuration | System | Servers | Authentication | Test Screen.
  Thanks in advance!

  If you look in the ACS utils folder you'll see radtest and tactest.exe
  These can be used to generate test packets. If you install ACS on another PC you can fire requests from that other PC too.
  I think Vasco (token card vendor) had a really nice GUI based RADIUS client too.
  Darran

• AAA Radius Authentication for Remote VPN With ACS Server Across L2L VPN

  Hi,
  I have an ASA running fine on the network which provide L2L tunnel to remote site and provide Remote VPN for remote access users.
  Currently, there is a need for the users to authenticate against an ACS server that located across the L2L VPN tunnel.
  The topology is just simple with 2 interfaces on the ASA, inside and outside, and a default route pointing to the ISP IP Address.
  I can ping the IP address of the ACS Server (which located at the remote site, IP addr: 10.10.10.56) from the ASA:
  ping inside 10.10.10.56
  However when I configure the ASA for the AAA group with commands:
  aaa-server ACSAuth protocol radius
  aaa-server ACSAuth host (inside) 10.10.10.56 key AcsSecret123
  Then when I do the show run, here is the result:
  aaa-server ACSAuth protocol radius
  aaa-server host 10.10.10.56
  key AcsSecret123
  From what I thought is, with this running config, traffic is not directed to the L2L VPN tunnel
  (seems to be directed to the default gateway due to the default route information) which cause failure to do the AAA authentication.
  Does anybody ever implement such this thing and whether is it possible? And if yes, how should be the config?
  Your help will be really appreciated!
  Thanks.
  Best Regards,
  Jo

  AAA is designed to enable you to dynamically configure the type of authentication and authorization you want on a per-line (per-user) or per-service (for example, IP, IPX, or VPDN) basis. You define the type of authentication and authorization you want by creating method lists, then applying those method lists to specific services or interfaces.
  http://www.cisco.com/en/US/docs/ios/12_4/secure/configuration/guide/schaaa.html

• When I try and play music on my iPhone downloaded from iTunes it says 'this URL is not found on this server'. This does not happen when I play the same music through my iPad. Can anyone help?

  When I try to play music downloaded from itunes on my iPhone 4S it says 'this URL is not found on the server'. This does not happen when I play the same music on my iPad. The music plays fine. The message also comes up when I try and login to iTunes on my iMac. Can anyone help?

  I too am having the same issue as the OP.
  Your USER AGENT information is Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_2) AppleWebKit/600.3.18 (KHTML, like Gecko) Version/8.0.3 Safari/600.3.18
  Every webserver that receives a request from your browser is able to determine the HTTP USER AGENT information unless it has been removed by some software (e.g. firewall) before the request was trasmitted.

• What happens when max job limit of few RAS server is reached?

  Hi, I would like to know what happens when max job limit of server is reached. I know that we need to increase the job limit but my question is a bit different.
  We have 7 RAS per servers. I got this message "The maximum report processing jobs limit configured by your system administrator has been reached" on 4 RAS servers but not all 7. I am tracking servers using PIDs on WIndows server 2003.
  Does this means this is a warning that Job limit of 75 (in our case) has reached for 4 servers and for remaining 3 servers its still not reached. This means 3 servers are still able to handle more report request as they have not reached their max limit.
  OR
  This message means all of the servers have reached to their max limit and there is no more request which can be taken.
  We are doing 3000 users performance testing on 21 RAS servers.
  We are on BOXI R2 SP3 on IIS and opening crystal reports using .NET SDK.
  Thanks,

  This is same as my other question so I am closing this too. We have set limit as unlimited and during peak load we had almost balanced reports on all RAS.

• EAP-TLS or PEAP authentication failed during SSL handshake to the ACS serve

  We are running the LWAPP (2006 wlc's and 1242 AP's) and using the ACS 4.0 for authentication. Our users are
  experiencing an issue, where they are successfully authenticated the first time, however as the number of them is increasing, they're starting to drop the connections and being prompted to re-authenticate. At this point, they are not being able to authenticate again.
  We're using PEAP for the authentication and Win XP SP2 clients as the supplicants. The error message that we are seeing on the ACS for that controller is "EAP-TLS or PEAP authentication failed during SSL handshake to the ACS server"...Not sure if this error msg is relevant since we have other WLC's that are working OK and still generating the same error msg on the ACS...
  Thanks..

  Here are some configs you can try:
  config advanced eap identity-request-timeout 120
  config advanced eap identity-request-retries 20
  config advanced eap request-timeout 120
  config advanced eap request-retries 20
  save config

• Could not execute view config service request. This usually happens when an invalid view config service request is made, or when a read only Oracle Endeca Server receives a view config service request. Error message: Error applying updates: Unsupported la

  Hi,
  I have some data loaded into the data-domain in Endeca 3.0. When I was creating views in studio I repeatedly get this message when I say save view:
  Could not execute view config service request. This usually happens when an invalid view config service request is made, or when a read only Oracle Endeca Server receives a view config service request. Error message: Error applying updates: Unsupported language ${DEFAULT_LANGUAGE}
  In the workspace.prm file I have set ${DEFAULT_LANGUAGE}=en
  May I know why this happening and a remedy for it. Appreciate you help.

  Hi,
  I have some data loaded into the data-domain in Endeca 3.0. When I was creating views in studio I repeatedly get this message when I say save view:
  Could not execute view config service request. This usually happens when an invalid view config service request is made, or when a read only Oracle Endeca Server receives a view config service request. Error message: Error applying updates: Unsupported language ${DEFAULT_LANGUAGE}
  In the workspace.prm file I have set ${DEFAULT_LANGUAGE}=en
  May I know why this happening and a remedy for it. Appreciate you help.

• Our company have just upgraded to iOS 6 and the majority of the users are now receiving the following error 'Cannot Get Mail – Server error. Contact your server administrator' when accessing ms exchange this never happened on iOS 5 can anyone help

  Our company have just upgraded to iOS 6 and the majority of the users are now receiving the following error 'Cannot Get Mail – Server error. Contact your server administrator' when accessing ms exchange this never happened on iOS 5 can anyone help

  Have you tried deleting the account and re-adding it on the phone?
  What version of Exchange server are you running?

• ACS Server: External Authentication configuration error

  Hi ALL
  I have installed the ACS server and configure properly and it works fine.
  But whenever i restart the machine, following error message appears on the external database configuration wizard.
  External Authentication Configuration Error
  ACS has encountered a problem while attempting to process your request. This could be due to one of the following:
  An incorrect installation or configuration of the third-party DLLs required to support this External Database
  A corrupt ACS configuration
  So after i found this error, i just restart all the seven services and every things works fine.
  I always encountered the same error message after restarting the machine each time.
  Can any body recomend the solution or can help me to resolve the issue.
  Thanks

  Hi,
  Please try the following workaround.
  1. Go to Start > Programs > Administrative Tools > Services.
  2. Stop the following services in the following order.
  CSAuth
  CSDbSync
  CSLog
  CSMon
  CSRadius
  CSTacacs
  CSAdmin
  3. After stopping the following services, start them all again in the following order.
  CSAdmin
  CSAuth
  CSDbSync
  CSLog
  CSMon
  CSRadius
  CSTacacs
  Please let me know if this was able to help.
  If the above doesn't help, please reinstall the ACS as the dll files that are being used
  by the ACS have been corrupted, before uninstalling and reinstalling, do take a
  backup of ACS server database from System Configuration > ACS backup > Backup Now.
  Also make sure that the ACS is installed on the default drive.
  tnx
  somishra

• My Macbook pro processor is a 2.4 GHz intel Core i5 using Mac OS X. I go to the network diagnostics and it starts  to work. After about a minute the ISP and Server fail. Same thing happens when I try again. My desktop internet works fine.

  My Macbook pro processor is a 2.4 GHz intel Core i5 using Mac OS X. I go to the network diagnostics and it starts  to work. After about a minute the ISP and Server fail. Same thing happens when I try again. My desktop internet works fine.

  hello I am in Afghanistan i searched that in realtek but that told me you coulde not use this sit
  I writ again my problem 
  i installed win 7 32 bit in my mac pro 13-inch, Late 2011  Processor  2.4 GHz Intel Core i5   Software  Mac OS X Lion 10.7.2 (11C74)
  but there is no sound in windows 7  please send me a address sit for downoad driver that i can use in Afghanistan
  believe it is confus me and other friend that bought 5 mac's that are the same and i serched a lot of site without result

• I am having trouble connecting to safari. I found this happened whenI did my last software update. I am getting the message 'safari can't connect to the server' .

  Having trouble connecting to safari. I found this happened when I last did my software update. I am getting message ' safari can't connect to the server'. My Internet connection appears to be fine.

       Have you tried a different website, or just one?
  robynles wrote:
  My Internet connection appears to be fine.
  How did you verify this?

• ACS Server MAC Authentication with Windows Database

  Has anyone setup an ACS Server 3.2 for MAC authentication using Windows as the authentication. The documentation I found shows how to set it up using the CiscoSecure database. Any help would be appreciated.

  Here is the link for setting up MAC authentication using CisoSecure database. There may not be a solution for my setup, but maybe I'll keep hacking away at it and find a resolution.
  http://www.cisco.com/en/US/products/hw/wireless/ps430/products_white_paper09186a00800b3d27.shtml

• What happens when you delete a linked server?

  What actually happens when you deleted a linked server? SSMS says deleting a remote server deletes all remote logins defined for that server..Are you sure you want to delete this linked server and all remote logins defined
  for this server? 
  How can I see the remote logins for the linked server?
  thanks in advance

  So this is the problem with using the UI - you don't really know what is going on under the hood.
  You can see your linked servers in sys.servers. You can see mapped logins in sys.linked_logins.
  You drop a server with sp_dropserver, and if I remember correctly it also drops the logins.
  Nothing is ever touched on the remote data source. it is a purely local operation.
  Erland Sommarskog, SQL Server MVP, [email protected]

• ACS server authentication

  Hello, it is possible that an ACS server authenticates with TACACS some clients and RADIUS other clients?
  Thank you.
  Regards

  Yes it is possible,
  You should configure AAA clients accordingly in ACS for Radius/Tacacs.
  ~Rohit

• How do I create a default account with an ACS Server

  Has anyone seen this. I have an ACS Solution engine appliance with Several devices using it for authentication and accounting. It all seems to work great.
  When I add a new device (router or switch) i noticed that it will let me login via the acs based authentication even before i even setup the aaa-client account for this device in the acs appliance. I do have the tacacs key and all the appropriate information on the router or switch but i dont have an entry for it in the acs appliance yet. This has puzzled me Where is this default account setup. I have another ACS server (Windows Based) It seems to have a completely different behavior when it encounters an unconfigured AAA-client compared to the ACS Appliance. Can anyone tell me how to configure the ACS server to do the same and where these configuration options exist?
  This really concerns me from a security perspective.

  Hmm, ACS should not (by default) accept traffic from any old device.
  Could it be you have a wild-card IP Addr in your ACS network config somewhere that accidentally includes the new device?
  Or possibly a DNS name (instead of an IP Addr) that resolves to the address of the new device?
  Try changing the shared secret in the device - you should find you get errors in the Failed Attempts Log.
  Also check the Passed Authenications report as this included the ACS network config device name in the Access-Device column.