Cisco AAA/Identity/Nac :: ACS 4.2. Build15 - Replication Failed With Cannot Access File

Dec 22, 2009

Just upgraded from 4.0 - to 4.2 then to 4.2.1 15. As you may have seen with periovous posts of mine its not been an esay ride.I have now managed to get it all working - backups AAA etc but for some reason i cannot get the replication to work! Its states the following...
 
Within the Database Replication active log - Error OutBound database replication failed - refer to CSAuth log file.Other lines in the log state  its ok eg - Component logging reports was updated - being replicated to slave...

Please note that the $ is a symbol that i have used because the symbol in the log is strange and i  cannot seem to be able replicate here with this text, for example $etworks - should be networks.

View 4 Replies


ADVERTISEMENT

Cisco AAA/Identity/Nac :: ACS 5.2 License File Installation Failed

Sep 19, 2011

have a  ACS 5.2 version installed on Vmware . I  purchased below  liscense
 
Product Name                  : L-CSACS-5-LRG-LIC=
Product Description         : L-CSACS-5-LRG-LIC= : ACS 5 Large Deployment License (Electronic Delivery)
 
When i am trying to upgrade the liscense i am getting an Error " Liscense file installation failed : The liscense file must contain single base liscense "

View 2 Replies View Related

Cisco AAA/Identity/Nac :: ACS 5.1 Import Template Gives File Format Validation Failed

Sep 21, 2011

Network Resources - Network Devices and AAA Clients- File Operations - Add - gives me File Format Validation Faliled. I am carefull to leave the header as it is. The header in the Import Template looks faulty, see attached. When exporting devices I also get the same header as attached. I also tried to change the header so its all in one column, but with same result.

View 1 Replies View Related

2960S Packet Loss On File Replication?

Oct 26, 2011

I have 2 Exchange 2010 servers and when I enable the DAG and start replication I see both servers NIC cards reach 100% utilization periodically. I normally don't see this on any of my servers but I figure what the heck it'll be really fast in completion. However, when it peaks at 99-100% for short bursts I see packet loss from other systems on the network.

A minute or two into it I start getting alerts of packet drops on the switch these are connected to (catalyst 2960S). It's not across the board but it's enough to wreak other havoc with processes running. I'm curious as to whether this is the 2 servers having a problem or is this switch not up to it?

I believe the last snapshot I took showed most of the active ports on the switch having a 40-50% transmit status when those 2 servers peaked, which didn't make any sense to me. Is there something on the switch triggering other ports to lose packets or is it broadcasting something it shouldn't?

In more detail:-I'm seeing immediate/more packet loss on the network from the 8 or so APC PDU's that are connected to the same switch at 100/half or 100/full (haven't looked into why that is yet some are coming up at half.

-Couple of sql servers were failing over because they could not reach network resources, timeouts exceeding a few seconds. Really just bizarre for just replication files.

Lastly - any way to throttle the throughput on the Exchange replication via powershell or anything?

View 13 Replies View Related

Cisco AAA/Identity/Nac :: ACS 4.2 Replication

Jul 18, 2012

It ´s possible to do replication between a ACS 4.2 installed in a SERVER and  Cisco appliance with ACS4.2?.

View 5 Replies View Related

Cisco AAA/Identity/Nac :: ACS 4.2 To ACS 5.4 Database Replication

May 27, 2013

I would like to know if its possible setup database replication from Cisco ACS 4.2 server to ACS 5.4 server ?

View 3 Replies View Related

Cisco AAA/Identity/Nac :: ACS 4.2.1 Authentication And Database Replication?

Mar 27, 2011

Firstly the ACS 4.2.1 for Windows database replication does any one have and documentation on the processes required?Secondly I have a single system installed which is providing TACACS authentication for management access to a Cisco 5508 WLC, the controller prompts with a login box on connection to the web interface. When you put in the username and password pair the box comes back as if the authentication has failed. On the ACS I was unable to see any failed authentications so enabled passed authentication reporting and can see the user passing the process. The WLC is running software version 6.0.199.4. On the ACS I have added the extra two options within the TACACS interface configuration and have a ‘role1=all’ against both the user and the group the user is part of so I am confused as to why the user is still denied access.

View 3 Replies View Related

Cisco AAA/Identity/Nac :: ACS 5.2 Replication Failing Shows Pending

Oct 6, 2010

ACS 5.2 , in my Primary ACS under System Administration > Operations > Distributed System Management I see my Secondary but it shows "PENDING" under Replication Status.

View 3 Replies View Related

Cisco AAA/Identity/Nac :: 1252 AP - 24427 Access To Active Directory Failed Error In ACS 5.1

Jan 2, 2011

I'm working on implementing a RADIUS authentication for wireless access with the following :
 
- PCs running Windows 7, protocol used is PEAP (without validating the server certificate to make it simple at first),

- AP 1252  configured to use a RADIUS server to authenticate (it's working good with an ACS server 4.2),

- ACS Server 5.1.0.44.5 running as VM connected to an AD domain and working good with VPN connections,

- AD domain running on Windows 2003 Server.
 
My ACS VM is working good since a couple of months for VPN (RADIUS) and administration (TACACS) remote access, both using Active Directory. Now, I'd like to use it to authenticate people connecting to a 1252 Cisco access point but I'm getting this error "24427 Access to Active Directory failed". I switched from PEAP to LEAP but this is the same.
 
All I can get running the expert troubleshoot
 
Investigating failure code: 24427 Access to Active Directory failedChecking if Active Directory is configuredActive Directory is configuredAttempting connection to Active DirectoryConnection to Active Directory was successful.Troubleshooting completed.Click on Show Results Summary to view results.
 
I followed this guide, at least for the ACS certificate section :
 
[URL]

View 27 Replies View Related

System Restore Failed To Replace The File

Jan 4, 2012

After unable to connect to my wireless network, I did a restore - but got a message: System restore failed to replace the file (C:WindowsServiceProfilesLocalServiceAppDataRoamingPeerNetworking98c An unspecified error occurred during System Restore (0x80070002)I've tried 3 restores to get the same message.Am at a loss to get the computer back on line.Running win7 (32Bit) with Norton 360.

View 9 Replies View Related

Cisco :: RME 4.3.1 / Failed To Export Detailed Device Report To CSV File

Apr 15, 2010

I try to export a Detailed Device Report to a CSV. It failes:
 
<HTML><META HTTP-EQUIV="content-type" CONTENT="text/html;charset=utf-8">
<H1>HTTP Status 500 - </H1><HR SIZE=1 noShade>
<P><B>type</B> Exception report</P><P><B>message</B> <U></U></P><P><B>description</B> <U>The server encountered an internal error () that prevented it from fulfilling this request.</U></P><P><B>exception</B>

[code].....

Exporting to PDF works OK.CW is running on Windows server. RME is 4.3.1

View 11 Replies View Related

Cisco VPN :: ASA 5505 Error Copying X To Temporary RamFS File Failed

Nov 16, 2012

[OK] webvpn
webvpn
[ERROR] anyconnect image disk0:/anyconnect-win-3.0.08057-k9.pkg 2
copying 'disk0:/anyconnect-win-3.0.08057-k9.pkg' to a temporary ramfs file failed
 
Trying to add the windows anyconnect to the list of usable software for clients and that error happened. What is going wrong? I assume I dont have enough RAM...

View 1 Replies View Related

Cisco WAN :: 3560x Switch - Copying IOS File To Flash / Failed To Boot

Jan 20, 2013

I have a 3560x switch with the flash formatted . I have tried to solve the problem by copying the IOS file to the flash. But the boot failed either .I have tried to copy the same IOS by the Xmodem, The boot failed again.My question is how to fixed the boot issues after the flash was formatted?

View 4 Replies View Related

Cisco Wireless :: WLC 4404 - Failed To Open File / Retrieve Statistics

Oct 16, 2012

the WLC 4404 present this logs:
 
*osapiReaper: Oct 02 14:55:11.152: %OSAPI-3-FILE_OPEN_FAILED:  osapi_file.c:370 Failed to open the file : /proc/927/stat.(erno 24)
*osapiReaper: Oct 02 14:55:11.152: %OSAPI-3-TASK_GETTIME_FAILED:  osapi_task.c:3431 Failed to retrieve statistics  (/proc/<pid>/stats) for task 'gccp_t'
*osapiReaper: Oct 02 14:55:11.152: %OSAPI-3-FILE_OPEN_FAILED:  osapi_file.c:370 Failed to open the file : /proc/926/stat.(erno 24)(code )
 
when present this loggs the device present those symptoms:
 
lost GUI session
Lost console conection
Lost SSH and Telnet conecction
the WLC 4404 not work is stopedd

View 3 Replies View Related

Cisco Wireless :: 5508 - Software Update / Code File Transfer Failed

Dec 10, 2012

From 6.0.199.4 to  AIR-CT5500-K9-7-3-101-0.aes. Get the error below halfway through download of file to controller. 

*Dec 11 14:18:55.775: %UPDATE-3-FTP_TRANSFER_FAIL: updcode.c:4158 Error FTP file Transfer [ftp_get], <28>, No space left on device.
 
I have no idea how to delete files form the storage on the 5508? TFTP transfer gives me this error after the upload is done:

% Error: Code file transfer failed - Error while writing output file
*Dec 11 15:11:45.514: %TFTP-3-FILE_WRITE_FAIL: tftp_client.c:517 Error while writing 512 bytes to file. Tftp error.
*Dec 11 15:11:45.514: %TFTP-3-WRITE_NOCLOSE_FAIL: tftp_client.c:147 Error while writing the local file: No space left on device
*Dec 11 15:11:45.514: %OSAPI-3-FILE_WRITENOCLOSE_FAILED: osapi_file.c:582 Failed to write 512 bytes (FileDesc:64). file write no close failed

View 6 Replies View Related

Cannot Access File Because Another Process Has Locked Portion Of File

Jul 26, 2011

I am working on a Drupal site which is on a virtual server (the way it's been explained to me). I've been told I need to work with it through webdev. So I can copy a file off the server and onto my local machine. I make my edits and then try to upload it to the server. I get locked out with the message: Error 0x80070021: The process cannot access the file because another process has locked a portion of the file. I have tried shutting down my code editor, opening and closing the connection, tried different methods of reaching the server (Cyberduck and through Window's map network feature) to no avail. What can I do?

View 1 Replies View Related

Cisco AAA/Identity/Nac :: ACS 5.3 - Application Failed To Start

Apr 28, 2012

Although, ACS states its installed, after going through the startup. However when I do show application nothing comes up. When I do a application start acs, %Application failed to start.

View 7 Replies View Related

Cisco AAA/Identity/Nac :: ACS 5.3 Secondary Registration Failed

Jun 5, 2013

I've just had to rebuild my ACS appliance with new hardrives but I am unable to register the devices to each I get a system error. I thought it may have had something to do with the rebuilt device not being joined tothe domain but it has now been joined albeit using a different ad account, but still cannot register to primary.

View 11 Replies View Related

Cisco AAA/Identity/Nac :: 802.1x Failed Authentication With WS-C3750G-24T

Mar 12, 2013

I have already set up a lab  comprising of  1x2950-24 switch, 2x3750-24T in stack mode and 2x MS Domain Controller with AD 2008 Servers and NPS enabled (Domain level 2008). I use NPS as a Radius Server. I am trying to test the 802.1x framework in two scenarios.
 
1.     I use as client a domain laptop with Windows XP SP3 with the embedded 802.1x MS supplicant. As authenticator use the 2950 switch and as authentication servers I use the two NPS integrated in MS DCs. Everything is working fine as I expected with basic configuration guidelines from Cisco & Microsoft.
 
2.      I use as client a domain laptop with Windows XP SP3 with the embedded 802.1x MS supplicant (the same as before). As authenticator I use the 3750 Stack switch and as authentication servers I use the two NPS integrated in MS DCs (the same as before). I have configured the supplicant for both machine or user authentication in both scenarios. However the client never pass the authentication in the second one. I disconnect and connect the same supplicant in the 2950 switch and the authentication is completed successfully. Getting back to the 3750 stack the authentication failed and the laptop gains network access in the configured Auth-Failed Vlan. I have tried several configuration changes without success. I cannot understand why does this happen. I have made some debugs and I am sending them a long with a partial basic configuration of 3750 stack switch.

View 7 Replies View Related

Cisco AAA/Identity/Nac :: ISE V1.1 NAD 6500 Failed To Decrypt Key

Sep 11, 2012

I´ve implemented 2 Cisco ISE v1.1 in HA to run MAB and 802.x Authentication / Authorization. Using Local ISE DB and Active Directory as an External Identity Source for wireless and wired users and devices. This was working fine 2 weeks ago after finishing installation.
 
My NAD devices are a Core SW 6500 for wired users (there are no access SW, just the Core for the whole network, its a small office) and a WLC 2405 for Wireless Users.[code].....

View 3 Replies View Related

Cisco AAA/Identity/Nac :: W2003 / ACS Tacacs Authentication Failed

Jun 27, 2012

we have a ACS server V4 installed on W2003 server ,when we make a telnet to an equipement on the wan the authentication pass on the first connexion ,but when we telent to a switch on the lan the first connxion fails and we need to retry to login .when i check the  field attempt log on the ACS i dont find the field attempt.i find this issue in ALL switch on the LAN ,from the switch i can ping the the ACS server .this problem appear frequently?

View 1 Replies View Related

Cisco AAA/Identity/Nac :: ACS 5.3.0.40 On-demand Full Backup Failed

Dec 27, 2012

I have ACS 5.3.0.40 Primary Secondary Authenticators , of which the Scheduled backup has stopped.When checked the : Monitoring Configuration > System Operations > Data Management > Removal and Backup > Incremental Backup , it had changed to OFF mode. without any reason.Later i did the acs stop/start  "view-jobmanager" and  initiated the On-demand Full Backup , but no luck, same error reported this time too.

View 2 Replies View Related

Cisco AAA/Identity/Nac :: Wireless ISE - 12508 EAP-TLS Handshake Failed

Mar 21, 2013

I'm in the middle of my very first wireless ISE deployment and I'm hitting issues with EAP-TLS based authentication.  In short, all EAP-TLS authentication is failing with the following error.  Below that is the relevant excerpt from the logs:
 
Authentication failed : 12508 EAP-TLS handshake failed
 
OpenSSLErrorMessage=SSL alert: code=0x233=563 ; source=local ; type=fatal ; message="X509 decrypt error -  certificate signature failure", OpenSSLErrorStack=   597863312:error:0D0C50A1:asn1 encoding routines:ASN1_item_verify:unknown

[Code].....

View 5 Replies View Related

Cisco AAA/Identity/Nac :: 3395 - Getting Error - Failed To Start DB

Oct 14, 2012

While installing ISE 3395 i am getting error failed to start DB!
 
Database is not available withintimeout of 240 seconds.this could be reason of incorrect network configuration or lack of resources on the appliance or VM, run the folloing CLI to re-prime database 'application reset-config ise'

View 3 Replies View Related

Cisco AAA/Identity/Nac :: 002SWC003 - ISE Dynamic Authorization Failed

Dec 5, 2012

I am gettning warning messages in ISE saying

Cause:Dynamic Authorization Failed for Device: 0002SWC003 (switch)Details:Dynamic Authorization Failed 
 
It is not only on that switch but on all switches I have configured. I am using 3560 IPBase 12.2(55)SE6. I have configured them according to Trustsec 2.1. My end devices are none-802.1x. I can't figure out what is causing this error.
 
The thing is that I have not experienced any problem. In Live Authentications there are some 'Unknown' and 'Profiled' devices hitting the DenyAccess rule, but other then that everying is beeing Authorized fine.

View 8 Replies View Related

Cisco AAA/Identity/Nac :: ACS Version 5.2.0.26 / Failed MAB Authentication Logs

Jan 8, 2013

Having an issue where a user will plug a PC into a switch.  The switch does a MAB authenticaiton and the MAC is not located in the ACS server.  It logs the failed attempt, but when the PC is removed from the switch, the failed attempts keep getting logged until the port is bounced.  Any way to keep the attemps from happening after the PC is removed?  If not, any way to make it stop without bouncing the port?
 
running ACS version 5.2.0.26
 
switch port config: 
interface GigabitEthernet1/0/2
sw access vlan 2 sw mode access
authentication control-direction in
authenticaion host-mode multi-auth
authentication port-control auto
mab
spanning-tree portfast

View 2 Replies View Related

Cisco AAA/Identity/Nac :: Radius Authentication Failed On 6509

Jan 29, 2012

I have configured Radius authentication on Windows 2008 server (NPS)  The following configuration is working perfectly on Cisco Switch 3560. [code]But, the same configuration is not working on Cisco Catlyst Switch 6509 (C3560-IPBASEK9-M), Version 12.2(46)SE, RELEASE SOFTWARE (fc2)/

View 2 Replies View Related

Cisco AAA/Identity/Nac :: Cannot Upgrade ACS 5.2 Transfer Failed (code 1)

Nov 29, 2011

I am facing an issue with several ACS appliances (some other work well) when upgrading to version 5.2.0.26.8.
 
When I launch the command acs patch install, I receive the following error message (we use FTP):
 
Failed to copy file '5-2-0-26-8.tar.gpg' from repository PatchRepository
(Error -302)
% Error: patch install 5-2-0-26-8.tar.gpg from repository PatchRepository - transfer failed (code 1)
 
This happens on three appliances but I could successfully upgrade 4 other appliances.
 
What is the reason behind this error code ? What could I do solve it ? I have already tried to create another repository on another server, without success.

View 5 Replies View Related

Cisco AAA/Identity/Nac :: Private Key File From ACS 3.3?

Apr 26, 2011

I have my SSL server certficate on my old acs 3.3.along with private key file , How i can export this private file with .pem extension from windows 2000 server , This private key file is not identified under certificate mmc console  , Because my acs application is being installed on a separate hardisk partition under D drive .
 
file path : d:Certificatesh02cacsw02.pem
 
how i can export this.pem from that particular folder

View 4 Replies View Related

AAA/Identity/Nac :: Command Authorization Failed In TACACS With ACS 4.2

Feb 2, 2012

We have a group in TACACS ACS4.2.  I configure it can do show command. When logged, it can do show command some parameters, like show ip interface, but it cannot do show running-config. it says "command authorization failed".

View 2 Replies View Related

AAA/Identity/Nac :: ACS 4.2 Authenticating 4710 ACE Appliance Failed

May 5, 2011

I've got a problem with Cisco ACS 4.2 authenticating Cisco 4710 ACE appliance.
 
ACS4.2 has been configured to use both internal and external database. It's been working fine for a couple or years.
 
Recently we bought a Cisco 4710 ACE appliance. When I use ACS4.2 internal username and password to login the Cisco 4710 ACE appliance, I have no problem. I can also see the passed authentication log on ACS4.2. However, if I use AD username and password, I couldn't login in. The message is "Login incorrect". I checked the failed attempts log on the ACS4.2, there was no log regarding the failed attempt. My AD username and password works fine on all other cisco routers and switches.
 
I've posted my AAA configuration of the 4710 ACE below. ACE is running on the latest version A4(1.1).
 
tacacs-server key 7 "xxxxxxxxxxxxx"aaa group server tacacs+ tac_admin  server xx.xx.xx.xx
 
aaa authentication login default group tac_admin local aaa authentication login console group tac_admin local aaa accounting default group tac_admin

View 2 Replies View Related

Cisco AAA/Identity/Nac :: ASA 5520 Failover Exec Authorization Failed

Mar 14, 2013

I have a pair of ASA 5520 firewalls running in active/standby mode on 8.3.2.34 code. My configuration performs authentication/authorization into ACS 5.1, however command authorization is failing when I try to execute a command on the standby from the active unit...
 
failover exec standby dir disk0:/
 
Fallback authorization. Username 'adminuser' not in LOCAL database Command authorization failed
 
I don't even see the authentication attempt going into ACS.

View 2 Replies View Related

Cisco VPN :: 7200 Getting IPSEC Decrypted Packet Failed SA Identity

Jan 23, 2013

I´ve try to configure a VPN IPSEC between a Cisco 7200 and Juniper ISG2000.The tunnel looks like good but when a ping is sending, I´ve packets lost and getting the next error:IPSEC(epa_des_crypt): decrypted packet failed SA identity check.My configuration en both sites is the follow: [code] What is the possible problem here. mea be in the Cisco 7200 configuration or in ISG Configuraton??

View 4 Replies View Related







Copyrights 2005-15 www.BigResource.com, All rights reserved