Filter
Top Products
Appendix A Troubleshooting Information for Cisco Secure ACS
Dial-in Connection Issues
A-6
Cisco Secure ACS 3.0 for Windows 2000/NT Servers User Guide
78-13751-01, Version 3.0
Dial-in Connection Issues
Condition Recovery Action
A dial-in user is unable to make
a connection to the AAA client.
No record of the attempt appears
in either the TACACS+ or
RADIUS Accounting Report (in
the Reports & Activity section,
click TACACS+ Accounting or
RADIUS Accounting or Failed
Attempts).
Examine the Cisco Secure ACS Reports or AAA client Debug
output to narrow the problem to a system error or a user error.
Confirm the following:
• The dial-in user was able to establish a connection and ping the
Windows NT/2000 server before Cisco Secure ACS was
installed. If the dial-in user could not, the problem is related to
a AAA client/modem configuration, not Cisco Secure ACS.
• LAN connections for both the AAA client and the
Windows NT/2000 server supporting Cisco Secure ACS are
physically connected.
• IP address of the AAA client in the Cisco Secure ACS
configuration is correct.
• IP address of Cisco Secure ACS in AAA client configuration is
correct.
• TACACS+ or RADIUS key in both AAA client and
Cisco Secure ACS are identical (case sensitive).
• The command ppp authentication pap is entered for each
interface, if the Windows NT/2000 user database is being used.
• The command ppp authentication chap pap is entered for
each interface, if the Cisco Secure ACS database is being used.
• The AAA and TACACS+ or RADIUS commands are correct in
the AAA client. The necessary commands are listed in the
following:
Program Files\CiscoSecure ACS vx.x\TacConfig.txt
Program Files\CiscoSecure ACS v
x.x\RadConfig.txt.
• The Cisco Secure ACS Services are running (CSAdmin,
CSAuth, CSDBSync CSLog, CSRadius, CSTacacs) on the
Windows NT/2000 server.