Guest

Preview Tool

Cisco Bug: CSCun26286 - ISR Creates IP Admission Entry for Hostname Before User Login

Last Modified

Nov 27, 2020

Products (1)

  • Cisco Software Activation on Integrated Services Routers

Known Affected Releases

15.4(1)T1

Description (partial)

Symptom:
When using the IP admission feature on an ISR, users may authenticate with their workstation hostname instead of their Active Directory user credentials when authenticating via NTLM.  This will cause them to show up in the Cisco Cloud Web Security portal as their workstation name (WORKSTATION_NAME$) instead of their username (jsmith).

Conditions:
1.  The workstation has an application, service, or script that generates HTTP traffic prior to a user logging onto the workstation

2.  The ISR is configured for NTLM authentication

3.  The base-dn in the LDAP configuration on the ISR includes the entire AD directory so that the LDAP searches for the computer name are successful and therefore the LDAP authentication request is successful
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.