Guest

Preview Tool

Cisco Bug: CSCvs01694 - Radsec authentication fails after revert

Last Modified

Jan 06, 2020

Products (1)

  • Cisco Web Security Appliance

Known Affected Releases

12.0.1-231

Description (partial)

Symptom:
Radsec authentication fails after revert

Conditions:
1.Netinstall WSA with 11.7.0 (base build) and do SSW
2.submit and commit the changes
3.Configure RADSEC :
   1.Navigate to Network--> certificate management--> (Appliance certificate)Add certificate --> Import cerficate-->(wsa030.cs1) Password:- ironport
   2.Navigate to Network-->Certificate management -->Manage certificate based Authentication--> Import--> (ca.cert.pem)
   3. System Administration--> Users--> External Authentication --> Enable --> password based authentication--> radius--> TLS
   Radius hostname--> wsa045-client01.cs1.devit.ciscolabs.com --> Port--> 2083(rtestuser/ironport)-select certificate wsa030.cs1
   4.click on Map all externally authenticated users to the Administrator role.
   5. Uncheck OCSP
   6.Submit and commit the changes
4.Add WSA details in RADSEC server and start the radiusd in debug mode using radiusd -fxx -l stdout & 
5.Upgrade WSA to latest 12.0.1 build and check RADSEC authentication is working fine
6.Revert the WSA to the previous build (11.7.0) and check whether RADSEC configuration is retained or not
7.RADSEC authentication should be working fine after revert
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.