Cisco :: SSH Authentication Failure CiscoWorks LMS 4.0
Oct 24, 2012
I am trying to get CiscoWorks LMS 4.0 to connect to my routers in order to back up configurations, but I am getting SSH authentication failures reported in the router logs (and archiving fails).
The credentials LMS is using is a username and password with priviledge 15: the account is established in TACACS+. I can log into the devices directly with this user account.However, I cannot TFTP from the routers to the LMS either (I get a permission denied message in the router).
LMS did manage to fetch some configs, but 90% of my devices are having this issue.
View 4 Replies
ADVERTISEMENT
Jan 4, 2011
I'm trying to get user authentication backed off to ACS 5.1, I've got it working but not the way I'd like. This is using the TACACS settings not ACS mode.I've created a local user in CW and assigned it to the correct roles, then created a user in ACS with the same name and a different password and this works fine.My question is can I set the roles on the TACACS server using a shell profile/custom attributes. All the documentation I can find is for ACS v4?
View 15 Replies
View Related
Jan 1, 2013
I have a following question. I configured different authentication passwords in Master and slave VRRP setup.
View 2 Replies
View Related
Apr 15, 2013
I'm using the Cisco ANM 5.2 version and I'm trying to import the configurations from ACE modules of Cisco switches. The first step is to import the configuration from Cisco switch and the second one is to import the ACE module in the ANM software. I'm getting an authentication problem to import the configuration from Cisco switch and of course I cannot import the ACE as well. The switches and the ACE are using AAA authentication and I have created a specific username to authenticate and import the configurations in the ANM. If I remove the AAA configurations from the switches and ACE modules it works fine.
Is there some problem with the AAA configurations in the switches or ACE module?
View 7 Replies
View Related
Jun 13, 2012
Error: AAA Authentication Failure for UserName:radiususername User Type: WLAN USER
I am using a window radius server. I have added my WLC 4402 as a radius client on my radius server.
I followed the instructions on the MS link : [URL]
I want to use my windows raduis authentication for WLC management login and Web-Auth for guest WLAN user login.
View 2 Replies
View Related
Dec 26, 2012
I have configured an Asa 5510 as SSL vpn gataway ver 8.2(4) Anyconnect Essential. The clients are authenticated via Radius and OTP password.All work well since yesterday. When I have did same configuration changes. My objective was has that the clients accept the self signed certificate issued by the Asa whitout give the warning about the private cert.
So I have try to generaste a new certificate with FQDN equal to myasa.mydomain.com and also a CN=myasa
Then I have change the profile XML file of my anyconnect in this way: [code]
View 1 Replies
View Related
Aug 3, 2011
I've set up several local network users (Security > Local Net Users) on the WLC (5508 running 7.0.98.0). Whenever I try to connect with one of these user accounts (I'm testing this out for now), the attempt is unsuccessful and I see an "AAA Authentication Failure for UserName: xxxxxxx User Type: WLAN USER" in the Trap Log. I thought that after trying to authenticate through a RADIUS server, the local user database would be polled and then a user account in that database would be able to authenticate.
View 1 Replies
View Related
Aug 24, 2011
I've my ACS linked with AD to give administration access to few network devices and I've created an access policy to link my AD groups with those network devices and command sets.
Unfortunately I found I can use any user from my AD to login to my devices. Only LOGIN, the authorization definition is restricting the command set for those users.
How can I restrict the LOGIN to an specific AD group?
View 2 Replies
View Related
Jul 31, 2012
I have a Cisco Small bussiness RV120w and I setup the radius server , WPA2 Enterprise with a windows 2008 NPS radius server . The big problem is that the authentication fails .This is the error that I see in event viewer / server roles / Network policy and access services: reason-code 49 "The connection attempt did not match any connection request policy".The radius key is matching between the server and the client . The radius server is reachable and I don't find any routing issues .Does anybody tested this router with this type of wireless security?
View 3 Replies
View Related
Nov 22, 2011
we have ACS 4.2 and 2851 router with IOS 15.0(1)M4. There is authentication failure with error no 254. Is there any compatibilty issue with 15.0(1)M4 IOS
View 1 Replies
View Related
Jan 29, 2013
I have been noticing in my trap logs that there are an excessive amount of Client Association/Authentication Failures. I cannot figure out why. I have a Cisco 5508 WLC with 81 AP's (1131ag, 1142abgn, 1262N) models. The wireless devices are on a Windows Domain and use 802.1x EAP authentication, authenticating the user and computer info with a RADIUS Server. I look at the logs and all it can tell me is Reason:Unspecified ReasonCode:1. I read that the Reason Code is due to "Client associated but no longer authorized" but to be honest I am not sure what that means.
View 9 Replies
View Related
Jul 25, 2012
I have a question about ACS RADIUS authentication with Alteon 3408 L4 Switch.
I configured a ACS 4.2.1(build 15 patch 4) software for windows on Windows Server 2008 Server STD.TACACS authentication with CISCO product was successfully passed.but RADIUS (IETF) authentication with NORTEL 3408 Switch was failed. ACS Authentication Failure Code was a " ACS password invalid "
I read the post that RADIUS VSA is needed in my environment.but i can not search any sample Nortel VSA dictionary configuration. Need Notel specific VSA configuration.
View 4 Replies
View Related
May 14, 2011
Is there a way to configure an email notification for a specific authentication failure? Specifically, I'd like to see if I can have an email notifcation sent to me when failure reason is "13017 Received TACACS+ packet from unknown Network Device or AAA Client".
View 1 Replies
View Related
May 3, 2012
Just installed 2 E4200v2's for a customer today. Was very optimistic because they worked great in my lab, both for my Win7 laptop a MacBook. And after installing 1 on-site and testing w/ my laptop, it worked fine.BUT problems arose when I installed both at the same time (I don't think I ever did this in the lab) and then I tested some computers. Every computer that I tested (except mine of course), cannot authenticate correctly using the WPA2 password.
For the Mac's they get the error "The wi-fi network... requires a WPA2 password" then after entering the *correct* pswd, it says "Invalid password". They're a Mac shop, but I did try one other Win laptop and that also had a problem, and the error was something like "security mismatch" although I was rushed and didn't write it down.
View 2 Replies
View Related
Jul 13, 2011
At present we are using the Ciscoworks LMS bunde 3.0. I would like to upgrade to LMS 3.1.
My Question: Is it possible to upgrade to LMS 3.1 with using the existing LMS 3.0 license.
View 2 Replies
View Related
Aug 31, 2011
There was a interface down in one of critical devices in the network.that particular log is not captured by the ciscoworks(DFM-alerts).
View 1 Replies
View Related
Sep 11, 2011
I need download LMS 4.0 eval trial. But i can't see any link down on url...
View 1 Replies
View Related
Oct 23, 2011
I upgraded the LMS 4.0 with LMS 4.0.1 but now the events are removed of Fault View. The equipments than I am monitoring are: ME-3600, ME-3800 and ASR 9000. This is a configuration problem or I have to update something else?
View 1 Replies
View Related
Jul 10, 2011
I have upgraded our LMS 3.x to the new LMS 4.x Version. have installed the new 4.x on an new server and importet the backup.
I have importet a Certificate and have enabled the Browser-Server Security Mode, Enabled I added some new Netshow Jobs which run every day.
I get the email from the jobs and the URL in the email but, URL
When i click on the link i only get:
Forbidden: You don't have permission to access /rme/NSViewJobResults.do on this server.
Additionally, a 403 Forbidden error was encountered while trying to use an ErrorDocument to handle the request.
i must change the link to Urls there anywhere an option to edit the text which is send with the jobs, to fix the url?
View 4 Replies
View Related
Sep 26, 2011
I am running CiscoWorks LMS 4.0.1 since 6 months and I wanted to generate today a report about the interface utilization on 2 Cisco switches (Catalyst 3750G). The corresponding job is created, it runs and then i get "succeeded with info" in the "Run Status" column. When I want to click then on the "View Report" link, I get the following error: "Could not generate the report. Either data is not available for the specified duration or the report job failed."
I tried the same procedure with 2 other switches but I have got the same result.
View 1 Replies
View Related
Jul 25, 2011
A while back we were looking into upgrading our SUN/Oracle server to better service our CiscoWorks. Our vendor (partnered Cisco Vendor) told us that Cisco was developing an appliance like WCS and CNR that runs Redhat for CiscoWorks.Does any one have any info on this or could this be a rumor?
We do not run Windows devices on any of our network enterprise and this would be so cool!
Oracle is getting to be a clone of Windows..in our opinion
If this is true, I will happy to sit and wait for it.
We now run LMS 4.0 on a SUN/Oracle T2000 and it seems to be bottlenecking.
View 2 Replies
View Related
Dec 11, 2011
How to get Ciscoworks LMS 4.0.1 serial number ? I need that to put the product under mainrtenance, and I can't manage to get it.
View 2 Replies
View Related
Jul 13, 2011
I am having LMS 2.5 and nearly 50 cisco 3560 in my network. And I want to configure rcp. How can I do it.
View 1 Replies
View Related
Jun 20, 2012
how to integrate NetFlow to some Ciscoworks module.
View 3 Replies
View Related
Dec 20, 2010
When trying to start CiscoWorks Daemon Manager i get the following message:"The CiscoWorks Daemon Manager service on local computer started and the stoped. Some services stop automatically if they are not in use by other services or programs."I have tring starting the service from DOS also and get,E:Program FilesCSCOpxsetupsupport>net start crmdmgtdThe CiscoWorks Daemon Manager service is starting.The CiscoWorks Daemon Manager service could not be started. The service did not report an error. More help is available by typing NET HELPMSG 3534.
View 11 Replies
View Related
Nov 6, 2012
I am looking for a way to get CiscoWorks LMS 4 to send me an email alert when a switch port goers into a security violation (err-disabled).
View 2 Replies
View Related
Jul 26, 2011
I am trying to use Ciscoworks LMS3.2 with RME 4.3.1. to upgrade many, many Cat3750x stacks we have laying around. The problem I am having is that Ciscoworks downloads the new image to the Stack’s master switch only and not to all switches. When I reload the stack after the download, any switch could become the master. I already set up the priority to always have the same master, but the process is unreliable and more than once I ended up with another switch as a master. In any case if the master is not the switch with the new image, the stack will keep the old image as their running image and the switch with the newer image has problems joining the stack (after a while it downgrades and become stable)I know how to do it manually, but I was hoping Ciscoworks would be able to do this for me. It would make my life much easier.
View 1 Replies
View Related
Nov 24, 2012
I upgraded CiscoWorks LMS from 3.0 to 3.2 today. Everything worked prior to the upgrade.The upgrade was successful, with no errors, and all services started. check everything and I see no problem. The system creates the file MDCSupportInformation.zip me clean without any content.I add the installation log file;And tell them that after upgrading to 3.2, you carge the following patches:
LMS321-win-CSCtr77570-0.zip,
cm5.2.1-nt-CSCtw88763-1.0.zip,
lms3.2.1-win-CSCts95764-0.zip,
lms3.2.1-win-CSCts82530-0.zip
in that order.He added the logs generated by the LMS services Tomcat and Apache
View 4 Replies
View Related
Nov 20, 2011
I set up RME several years ago on our Ciscoworks several running LMS 3.2 to notify us on any BGP flaps via email notification.I noticed the last couple maintenance period where we had perform Circuit work with our ISP's. We haven't received any emails....I verified those routers are configured to send notifications in the Device Selector and even checked the router logs.
004161: Nov 20 05:04:52 EST: %BGP-5-ADJCHANGE: neighbor X.X.X.X Down BGP Notification sent
004162: Nov 20 05:04:52 EST: %BGP-3-NOTIFICATION: sent to neighbor X.X.X.X 4/0 (hold time expired) 0 bytes
The syslog collector status appears to be normal.....
View 3 Replies
View Related
Nov 11, 2012
I'm using CiscoWorks LMS 4.0.1 and I need to activate a remote syslog collector.Installation occur without errors and the test subscription is fine but syslog reports are always empty!These two servers need to communicate through a firewall.I'm not able to define a correct rule, a "permit ip any any" does not work also!
View 1 Replies
View Related
Sep 18, 2011
I'm installing CiscoWorks LMS 4.0 on a server running Windows 2008 R2 Standard Ed, 64 bit. I'm using the patch to run the setup program. Now I'm upgrading to 4.0.1 without using the patch.
View 1 Replies
View Related
Jan 9, 2013
how to add newly installed network elements on our CiscoWorks LMS 3.2.
View 1 Replies
View Related
Nov 6, 2011
i am currently trying to use LMS 3.2 Compliance management to verify and alter our access port configurations for 802.1x. Below is our current configuration
View 1 Replies
View Related
