LISTSERV - CLEANACCESS Archives - LISTSERV.MIAMIOH.EDU

CLEANACCESS Archives

November 2009

CLEANACCESS@LISTSERV.MIAMIOH.EDU

	LISTSERV Archives
	CLEANACCESS Home
	CLEANACCESS November 2009

	Log In
	Register

	Subscribe or Unsubscribe

	Search Archives

Options:	Use Monospaced Font Show Text Part by Default Show All Mail Headers
Message:	[<< First] [< Prev] [Next >] [Last >>]
Topic:	[<< First] [< Prev] [Next >] [Last >>]
Author:	[<< First] [< Prev] [Next >] [Last >>]

Subject:	Re: CLEANACCESS Digest - 17 Nov 2009 to 18 Nov 2009 (#2009-184)
From:	Daniel Sichel <[log in to unmask]>
Reply To:	Cisco Clean Access Users and Administrators <[log in to unmask]>
Date:	Mon, 23 Nov 2009 09:12:47 -0800
Content-Type:	text/plain
Parts/Attachments:	text/plain (70 lines)

> I've tried using authorization and no-authorization techniques, made
sure
> the SSL certs were common within each HA pair, copied/pasted the DNs
into
> the authorization fields as suggested in Cisco's documentation, etc.
I
> rebooted each of the CAMs and CASes multiple times.  I re-ran the
perifgo
> config script to ensure the master password was the same, and so on...
O=
h,
> and I did install a license in the CAM for the CAS I'm trying to
import!
>=20
> I'm going to try to sneak a new service request into TAC.  Maybe even
pes=
ter
> our Cisco SE for some help if that doesn't work.  In the meantime,
does
> anyone recognize my problem or have any tricks to share?  I'm guessing
th=
is
> new CAS/CAM association technique started around 4.5.
>=20
> I've been lurking in this mail list even though I myself haven't been
act=
ive
> in quite awhile.  Seen lots of people leave for other solutions.  Seen
ev=
en
> fewer discussions around 4.5+ releases.  Hoping that this list isn't
quit=
e
> dead yet!
>=20
> Thanks for any advice!

********************

I seem to recall a similar problem. Sorry but I don't remember the
precise solution and this was just one more issue in the welter of
problems that we had.  I believe I solved this by issuing and importing
certs for each CAS, one that was requested from the "real" IP of the
CAS, and one that was requested from the "shared ip" of the CAS,  As I
recall importation was a huge pain in the keister, involving resiting
the gui after using vi on a file on the CAS at one point. Sorry, I know
that's about as specific as a check engine light, but it's the best I
can recall. I am setting up a virtual test environment to do  a walk
through of our upgrade from 4.5.0 to current. If this re-occurs, I'll be
sure to post. 

</begin unsolicited rant/>
BTW as a general gripe to any Cisco lurkers out there, How many $#*&^&!
Releases do we have to go through before somebody there bothers to write
a manual that corresponds to reality for this project? I am so bloody
sick and tired of calling tac only to be told that that feature is
broken/missing/documented wrong. And don't even start with the "give me
an example stall" I HAVE SENT IN BY ACTUAL COUNT THREE DOCUMENTATION
ERRORS.  MAJOR like the IP/Mac address feature that DOES NOT WORK PERIOD
END OF DISCUSSION but as of release 4.5.0 STILL APPEARS ON THE *(^&*%!
FRICKIN' SCREEN FOR CRYING OUT LOUD.  If you're sensing a high
frustration level, you are accurately reading my feelings on this topic.
It is an ongoing disgrace that I don't have a manual worth using for a
$20,000+ that I pay MAINTENANCE ON!!!!!
Don't bother contacting me off list, I have been down that dead end road
before, just fix this crap. If the rest of your products were handlied
like this, they would all be in my dumpster. Thank heavens they are not.

</end unsolicited rant/>

ATOM RSS1 RSS2

LISTSERV.MIAMIOH.EDU