Cisco Secure ACS Online Troubleshooting Guide, 4.1 - Index [Cisco Secure Access Control Server for Windows]

Table Of Contents

A - B - C - D - E - F - G - I - K - L - M - N - O - P - R - S - T - U - V - W -

Index

A

AAA client times out     2-6

AAA servers

troubleshooting     1-1, 2-1

accounting logs

missing     2-28

ACE SDI server     2-16

ACS Backup     1-19

ACS folder is locked     2-26

ACS Restore     1-19

ACS State Collector utility     1-6

Active Directory

configuration     2-17

administrator

database corruption     2-9

event notification     2-3

locked out     2-2, 2-11

remote (has no access)     2-4

remote (logon failed message)     2-4

remote access to browser     2-3

remote cannot browse     2-9

remote login     2-3

antivirus software     1-12

AppEventDump.txt file     1-9

application-specific performance     1-15

attributes

missing     2-34

audit server

returns failure     2-25

authentication

cannot enable in TACACS+     2-12

cannot enable on TACACS+     2-11

diagnosing     2-5

failure with PAP     2-22

failures     1-2

for unknown NAS     2-6

logging halted     2-32

request not in external database     2-7

retry interval     2-5

TACACS+ fails     2-8

unknown users     2-14

authorization

policy     2-13

unexpected     2-7

autorun.sh execution problems     2-28

B

backup

internal database     1-19

process     1-20

browser

access     2-3

cannot display web interface     2-8

crash on opening ACS     2-9

incomplete pages     2-8

lost connection     2-9

C

callback not working     2-22

cautions

significance of     x

Cisco IOS commands

ACS does not deny     2-11

CLI commands

for troubleshooting     1-21

conventions     ix

CSAdmin     1-14

CSAgent.log     1-15

CSAuth     1-14, 1-15

CSDBSync     1-14

CSLog     1-14

CSLogAgent.log     1-15

CSMon     1-14, 1-15

CSRadius     1-14

cssupport.exe     1-6, 1-7

CSTacacs     1-14

CSUtil     1-14

CSWinAgent.log     1-15

D

databases

ACS database files     1-12

administrator database corruption     2-9

external user database     2-14

improper operation of external databases     2-16

internal with bad MAC mapping     2-30

LDAP with wrong MAC mapping     2-30

RDBMS synchronization     2-13

replication     2-14

using LDP.exe with LDAP     1-13

devices

check for problems     1-3

missing in Logged in User report     2-32

device-type

mismatch     2-24

no attribute returned     2-24

dial-in users

callback not working     2-22

cannot connect     2-19

dial-in not disabled     2-5

documentation

conventions     ix

objectives     ix

related     xi

dump text file     1-20

E

EAP

invalid signature     2-11

logging     1-17

error codes     A-1

Error Message Decoder     1-6

Event Viewer files     1-9

external user database     2-14

F

Failed Attempts logs     1-2

Field Notices     1-5

G

GAME protocol

audit server failure     2-25

configuration     2-23

policies and groups     2-23

generic host system state     1-15

group

mapping problem     2-16

move without inheriting new settings     2-5

I

installation

related documentation     xi

interoperation does not work between builds     2-28

K

keys

match     2-6

L

LDP.exe utility     1-13

LEAP authentication failure     2-7

logging

and authentication problems     2-32

failed attempts     1-2

interpreting logs     1-3

level     1-14

logging services     1-14

Passed Authentications     1-3

Remote Agent     1-15

removing log files     2-29

service logs     2-32

too many log files     2-29

two entries for one session     2-32

Windows services log files     1-14

M

MAC address

with internal database     2-30

with LDAP     2-30

MaxSessions

does not take effect     2-33

fluctuations     2-33

problems over VPDN     2-33

monitoring

service     1-14

MSInfo.txt file     1-9

N

NAC Nonresponsive Endpoint limit     2-12

NRE limit     2-12

NTLMv2

does not work     2-18

O

Output Interpreter     1-6

P

package.cab file     1-3, 1-6

policy

authorization     2-13

posture

mismatches     2-10

Product Literature     1-5

proxy requests

failures     2-29

R

rad_mon.dll     2-26

RADIUS

attributes missing     2-34

RADIUS extension DLL rejected user error     2-7

Radtest     1-4

RDBMS Synchronization     2-13

Registry File     1-9

rejected request     2-30

related documentation     xi

remote agent

log files     1-15

replication

database     2-14

reports

blank     2-31

Logged in User reports lack devices     2-32

missing unknown user information     2-31

old format dates persist     2-32

request is rejected     2-30

resource.txt file     1-9

restart services     2-2

restore

internal database     1-19

restore process     1-20

retry interval     2-5

S

SecEventDump.txt file     1-9

Security Advisories, Responses and Notices     1-5

Security and Identity Management     1-5

Service Log Files     1-9

services

cannot restart     2-26

restart     2-2

starting     1-2

setup hangs     2-26

SPT

configuration     2-13

SysEventDump.txt file     1-9

System Posture Token

configuration     2-13

system resource consumption     1-15

T

tac_mon.dll     2-26

Tactest     1-4

token servers

no incoming requests     2-15

RSA implementation     2-15

Troubleshoot and Alert     1-5

troubleshooting

AAA servers     1-1, 2-1

authentication     2-4

authorization     2-4

browser     2-8

database     2-13

dial-in connections     2-19

EAP protocols     2-22

GAME protocol     2-23

installations     2-25

interoperability problems     2-28

logging     2-29

MAC authentication bypass problems     2-30

Network Admission Control     2-10

Remote Agent     2-30

reports     2-31

upgrades     2-25

user group management     2-33

Troubleshooting Guides     1-5

Troubleshooting TechNotes     1-5

U

unauthorized users     2-2

uninstall

cannot complete     2-27

invalid file or data     2-27

unknown users     2-14

information missing in reports     2-31

upgrade

cannot complete     2-27

invalid file or data     2-27

upgrade command     2-28

user or group information

exporting     1-20

users

duplicate     2-15

V

VPDN

MaxSessions not working     2-33

W

warnings

significance of     x

web interface

using with Solution Engine     1-23

web pages

incomplete     2-8

with Sybase     1-12

	Cisco Secure ACS Online Troubleshooting Guide, 4.1
	Index
Cisco Secure ACS Online Troubleshooting Guide, 4.1 Title Pages Table of Contents Preface How to Troubleshoot ACS Common Problems Error Codes Index	Download this chapter Index Table Of Contents A - B - C - D - E - F - G - I - K - L - M - N - O - P - R - S - T - U - V - W - Index A AAA client times out 2-6 AAA servers troubleshooting 1-1, 2-1 accounting logs missing 2-28 ACE SDI server 2-16 ACS Backup 1-19 ACS folder is locked 2-26 ACS Restore 1-19 ACS State Collector utility 1-6 Active Directory configuration 2-17 administrator database corruption 2-9 event notification 2-3 locked out 2-2, 2-11 remote (has no access) 2-4 remote (logon failed message) 2-4 remote access to browser 2-3 remote cannot browse 2-9 remote login 2-3 antivirus software 1-12 AppEventDump.txt file 1-9 application-specific performance 1-15 attributes missing 2-34 audit server returns failure 2-25 authentication cannot enable in TACACS+ 2-12 cannot enable on TACACS+ 2-11 diagnosing 2-5 failure with PAP 2-22 failures 1-2 for unknown NAS 2-6 logging halted 2-32 request not in external database 2-7 retry interval 2-5 TACACS+ fails 2-8 unknown users 2-14 authorization policy 2-13 unexpected 2-7 autorun.sh execution problems 2-28 B backup internal database 1-19 process 1-20 browser access 2-3 cannot display web interface 2-8 crash on opening ACS 2-9 incomplete pages 2-8 lost connection 2-9 C callback not working 2-22 cautions significance of x Cisco IOS commands ACS does not deny 2-11 CLI commands for troubleshooting 1-21 conventions ix CSAdmin 1-14 CSAgent.log 1-15 CSAuth 1-14, 1-15 CSDBSync 1-14 CSLog 1-14 CSLogAgent.log 1-15 CSMon 1-14, 1-15 CSRadius 1-14 cssupport.exe 1-6, 1-7 CSTacacs 1-14 CSUtil 1-14 CSWinAgent.log 1-15 D databases ACS database files 1-12 administrator database corruption 2-9 external user database 2-14 improper operation of external databases 2-16 internal with bad MAC mapping 2-30 LDAP with wrong MAC mapping 2-30 RDBMS synchronization 2-13 replication 2-14 using LDP.exe with LDAP 1-13 devices check for problems 1-3 missing in Logged in User report 2-32 device-type mismatch 2-24 no attribute returned 2-24 dial-in users callback not working 2-22 cannot connect 2-19 dial-in not disabled 2-5 documentation conventions ix objectives ix related xi dump text file 1-20 E EAP invalid signature 2-11 logging 1-17 error codes A-1 Error Message Decoder 1-6 Event Viewer files 1-9 external user database 2-14 F Failed Attempts logs 1-2 Field Notices 1-5 G GAME protocol audit server failure 2-25 configuration 2-23 policies and groups 2-23 generic host system state 1-15 group mapping problem 2-16 move without inheriting new settings 2-5 I installation related documentation xi interoperation does not work between builds 2-28 K keys match 2-6 L LDP.exe utility 1-13 LEAP authentication failure 2-7 logging and authentication problems 2-32 failed attempts 1-2 interpreting logs 1-3 level 1-14 logging services 1-14 Passed Authentications 1-3 Remote Agent 1-15 removing log files 2-29 service logs 2-32 too many log files 2-29 two entries for one session 2-32 Windows services log files 1-14 M MAC address with internal database 2-30 with LDAP 2-30 MaxSessions does not take effect 2-33 fluctuations 2-33 problems over VPDN 2-33 monitoring service 1-14 MSInfo.txt file 1-9 N NAC Nonresponsive Endpoint limit 2-12 NRE limit 2-12 NTLMv2 does not work 2-18 O Output Interpreter 1-6 P package.cab file 1-3, 1-6 policy authorization 2-13 posture mismatches 2-10 Product Literature 1-5 proxy requests failures 2-29 R rad_mon.dll 2-26 RADIUS attributes missing 2-34 RADIUS extension DLL rejected user error 2-7 Radtest 1-4 RDBMS Synchronization 2-13 Registry File 1-9 rejected request 2-30 related documentation xi remote agent log files 1-15 replication database 2-14 reports blank 2-31 Logged in User reports lack devices 2-32 missing unknown user information 2-31 old format dates persist 2-32 request is rejected 2-30 resource.txt file 1-9 restart services 2-2 restore internal database 1-19 restore process 1-20 retry interval 2-5 S SecEventDump.txt file 1-9 Security Advisories, Responses and Notices 1-5 Security and Identity Management 1-5 Service Log Files 1-9 services cannot restart 2-26 restart 2-2 starting 1-2 setup hangs 2-26 SPT configuration 2-13 SysEventDump.txt file 1-9 System Posture Token configuration 2-13 system resource consumption 1-15 T tac_mon.dll 2-26 Tactest 1-4 token servers no incoming requests 2-15 RSA implementation 2-15 Troubleshoot and Alert 1-5 troubleshooting AAA servers 1-1, 2-1 authentication 2-4 authorization 2-4 browser 2-8 database 2-13 dial-in connections 2-19 EAP protocols 2-22 GAME protocol 2-23 installations 2-25 interoperability problems 2-28 logging 2-29 MAC authentication bypass problems 2-30 Network Admission Control 2-10 Remote Agent 2-30 reports 2-31 upgrades 2-25 user group management 2-33 Troubleshooting Guides 1-5 Troubleshooting TechNotes 1-5 U unauthorized users 2-2 uninstall cannot complete 2-27 invalid file or data 2-27 unknown users 2-14 information missing in reports 2-31 upgrade cannot complete 2-27 invalid file or data 2-27 upgrade command 2-28 user or group information exporting 1-20 users duplicate 2-15 V VPDN MaxSessions not working 2-33 W warnings significance of x web interface using with Solution Engine 1-23 web pages incomplete 2-8 with Sybase 1-12
	© 1992-2008 Cisco Systems, Inc. All rights reserved. Terms & Conditions \| Privacy Statement \| Cookie Policy \| Trademarks of Cisco Systems, Inc.