[c-nsp] Cisco NAC - SSO Issues
Antonio Soares
amsoares at netcabo.pt
Tue Sep 15 10:19:51 EDT 2009
I found a matching bug in the meanwhile but the workaround does not work:
+++++++++++++++++++++++++++++++++++++++++
CSCsk46672 Bug Details
CAS stops listening on 8910 after threads in CLOSE_WAIT state
Symptom:
Agent fails to perform ADSSO
Conditions:
CAS no longer listening to tcp port 8910 because 50 threads are already in CLOSE_WAIT state
Workaround:
Under Device Management > Clean Access Servers > CAS > Windows Auth
Click UPDATE on SSO service to flush the CLOSE_WAIT states
+++++++++++++++++++++++++++++++++++++++++
The box i'm troubleshooting is running release 4.0.5.
Regards,
Antonio Soares, CCIE #18473 (R&S)
amsoares at netcabo.pt
-----Original Message-----
From: cisco-nsp-bounces at puck.nether.net [mailto:cisco-nsp-bounces at puck.nether.net] On Behalf Of Antonio Soares
Sent: terça-feira, 15 de Setembro de 2009 13:57
To: cisco-nsp at puck.nether.net
Subject: [c-nsp] Cisco NAC - SSO Issues
Hello group,
I'm troubleshooting a NAC issue. I see lot's of CLOSE_WAIT sessions on the CAS and i need to find a way to restart the SSO service
(TCP:8910) without restarting the whole box. Disabling the option "Enable Agent-Based Windows Single Sign-On with Active Directory
(Kerberos)" in the CAM does not do the job. I think that after clearing these TCP stuck sessions, Single Sign-On will work again.
Thanks.
Regards,
Antonio Soares, CCIE #18473 (R&S)
amsoares at netcabo.pt
_______________________________________________
cisco-nsp mailing list cisco-nsp at puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/
More information about the cisco-nsp
mailing list