Troubleshooting Users

This chapter contains the following sections:

Troubleshooting Cisco ACI Multi-Site External User Authentication

Use the following tips to troubleshoot external user authentication problems.

Procedure

Step 1

To investigate the error Authentication method failed, verify the following:

  • The key given in the Provider configuration is correct

  • The Multi-Site (client) IP address is registered in the remote Cisco ACS server
Step 2

To investigate the error Invalid user credentials, verify the following:

  • The username entered on the Multi-Site login screen is correct and matches one that is configured on the Cisco ACS server

  • The password entered on the Multi-Site login screen is correct and matches one that is configured on the Cisco ACS server
Step 3

If the user sees a Loading icon, followed by the errors Loading ... and Authentication method failed, verify the following:

  • The IP address in the Provider configuration is correct

  • The IP addresses for the Provider and Cisco ACS are reachable

  • The port and protocol in the Provider configuration is correct

  • The correct authentication method (TACACS+ or RADIUS) is selected on the remote ACS server under ...Network Devices and AAA Clients > Authentication Options

  • The correct shared secret is provided in the remote ACS server user configuration, and it is not empty
Step 4

If the user is able to login, but is not able to see anything or is not able to see any tabs on the Multi-Site GUI, verify that the Cisco AV Pair and the roles are configured correctly for that user, on the remote ACS server.