CiscoSecure ACS replication & Check Point Firewall

Dear techies,
I hope all of you can help me with this toughest
problem. I have two CiscoACS servers (ver 3.2.1 on Windows 2K), both
of which are behind Check Point firewalls (NG AI). As I
understand from the CiscoSecure documentation on database
replication, the data is in encrypted format and it uses port 2000
for data transfer between both radiuses. I have set up the Check Point
firewall and allowed port 2002 for database replication between both

Both of my radiuses use a pre-shared secret key in order for both
radiuses to communicate securely with each other. When I initialized
the database replication process on the first firewall, after a while an error
message occurred saying "Database replication to ACS 'radius' aborted -
shared secret mismatch". The second radius reported the same error
message. I'm not sure whether the firewall had modified the packets
during the replication process.

Has anybody had this problem? Can anyone give me a solution for this

dumptrash

ACS Internal Database Replication

Note: ACS does not support distributed deployments in a NAT environment. If a Primary or Secondary address is NATed, the database replication file will indicate shared secret mismatch.