Cisco 3.3 User Manual
Page 647
A-3
User Guide for Cisco Secure ACS for Windows Server
78-16592-01
Appendix A Troubleshooting
Administration Issues
Administrator configured for
event notification is not
receiving e-mail.
Ensure that the SMTP server name is correct. If the name is correct,
ensure that the computer running Cisco Secure ACS can ping the
SMTP server or can send e-mail via a third-party e-mail software
package. Make sure you have not used underscores in the e-mail
address.
Remote Administrator receives
“Logon failed . . . protocol error”
message, when browsing.
Restart the CSADMIN service. To restart the CSADMIN service,
from the Windows Start menu choose Control Panel > Services.
Click CSAdmin, and then Stop, and then Start.
If necessary, restart the server.
Remote administrator cannot
bring up Cisco Secure ACS from
his or her browser, or receives a
warning that access is not
permitted.
If Network Address Translation is enabled on the PIX Firewall,
administration through the firewall cannot work.
To administer Cisco Secure ACS through a firewall, you must
configure an HTTP port range in Administrator Control > Access
Policy. The PIX Firewall must be configured to permit HTTP traffic
over all ports included in the range specified in Cisco Secure ACS.
For more information, see
.
Unable to log in on Cisco Secure
ACS. Authentication fails.
Back up the NT Registry.
Use the regedit command and remove the users in the following:
HKEY_LOCAL_MACHINE\SOFTWARE\Cisco\CiscoAAA##\CSAdmin\Admin
istrators
Under the Administrators key you will see all administrators that
you have created. Delete the users and exit the Registry. Upon
accessing Cisco Secure ACS, you will not be prompted for a
username and password. After you have brought up the
Cisco Secure ACS HTML interface, you can re-add administrators.
Condition
Recovery Action