Tuesday 16 September 2008

[Technical] - ACS 'Server Secret Mismatch' Error.

I saw an issue where the following error was being displayed even when the shared key matched (or seemed to).

"Authentication Server not responding: AAA decode failure.. server secret mismatch"

This was seen on a Cisco ASA firewall running 8.0.4 code. The ACS log would show either "Key Mismatch" or "CS password invalid" (using RADIUS).

The shared key was the same as that in the Network Configuration of ACS. However, "Network Device Groups" were being used, and the default key for the network device group was different to the specific device key and took priority.


Use the network device group (NDG) key or don't set an NDG key.


Bob
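Why a key that matches the device entry still fails, as an added example that is not from the original post or from Cisco: it models the precedence described above (a set NDG key overrides the per-device key) together with the RFC 2865 password hiding and Response Authenticator calculations. The function names, key values and password are constructed for illustration.

```python
import hashlib
import hmac
import os
import struct

def effective_secret(device_key, ndg_key):
    """Precedence from the post: a non-empty NDG key overrides the device key."""
    return ndg_key if ndg_key else device_key

def _mask(secret, request_auth):
    # RFC 2865 section 5.2: first 16-byte block is XORed with MD5(secret + RA).
    return hashlib.md5(secret + request_auth).digest()

def hide_password(password, secret, request_auth):
    """User-Password hiding for passwords of up to 16 bytes."""
    padded = password.ljust(16, b"\x00")
    return bytes(p ^ m for p, m in zip(padded, _mask(secret, request_auth)))

def reveal_password(hidden, secret, request_auth):
    plain = bytes(h ^ m for h, m in zip(hidden, _mask(secret, request_auth)))
    return plain.rstrip(b"\x00")

def response_authenticator(code, ident, attrs, request_auth, secret):
    """RFC 2865 section 3: MD5(Code+ID+Length+RequestAuth+Attributes+Secret)."""
    header = struct.pack("!BBH", code, ident, 20 + len(attrs))
    return hashlib.md5(header + request_auth + attrs + secret).digest()

def simulate(client_key, device_key, ndg_key, password=b"constructed-pw"):
    """Return (server_recovers_password, client_accepts_reply)."""
    server_key = effective_secret(device_key, ndg_key)
    request_auth = os.urandom(16)
    # Client (the firewall) hides the password with the key it was given.
    hidden = hide_password(password, client_key, request_auth)
    # Server decodes with the key it actually uses for this device.
    recovered_ok = reveal_password(hidden, server_key, request_auth) == password
    code = 2 if recovered_ok else 3  # Access-Accept or Access-Reject
    reply_auth = response_authenticator(code, 1, b"", request_auth, server_key)
    # Client recomputes the authenticator with its own key and compares.
    expected = response_authenticator(code, 1, b"", request_auth, client_key)
    return recovered_ok, hmac.compare_digest(reply_auth, expected)

if __name__ == "__main__":
    # Constructed keys: firewall configured with the device key, NDG key set.
    print(simulate(b"device-key", b"device-key", b"ndg-key"))
    # Either fix from the post: use the NDG key, or leave the NDG key unset.
    print(simulate(b"ndg-key", b"device-key", b"ndg-key"))
    print(simulate(b"device-key", b"device-key", b""))
```

With the NDG key in force, the server cannot decode the password and the client cannot validate the reply, so both sides log a failure even though the device entry looks correct.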

5 comments:

Brian said...

I ran into this very scenario, and let me tell you how much it was pissing me off! Thanks for the info...it fixed it like a charm!

-- Brian

Anonymous said...

Thanks! It solved my problem

Anonymous said...

Thanks!

It solved my problem of monitoring an ACS

Anonymous said...

Thanks for posting. You just helped solve my problem too!

Anonymous said...

Thanks for the hint, much appreciated.