[SXP-8] Not able to Configure ISE sxp with default password. Created: 30/Mar/15 Updated: 17/Apr/15 Resolved: 17/Apr/15 |
|
| Status: | Resolved |
| Project: | sxp |
| Component/s: | General |
| Affects Version/s: | unspecified |
| Fix Version/s: | None |
| Type: | Bug | ||
| Reporter: | bhargav krishnamurthy | Assignee: | Maros Marsalek |
| Resolution: | Done | Votes: | 0 |
| Labels: | None | ||
| Remaining Estimate: | Not Specified | ||
| Time Spent: | Not Specified | ||
| Original Estimate: | Not Specified | ||
| Environment: |
Operating System: Linux |
||
| External issue ID: | 2919 |
| Description |
|
Issue: Not able to configure ISE to do ether per peer password or default password. Only Password = None is working rest all it give md5 authentication fail. |
| Comments |
| Comment by Maros Marsalek [ 13/Apr/15 ] |
|
Proposed fix https://git.opendaylight.org/gerrit/#/c/18194/ Needs to be verified with ISE and ASA. Improper detection of connection with higher source IP address is not yet addressed. |
| Comment by Maros Marsalek [ 14/Apr/15 ] |
|
Testing ISRG2 and ASA with proposed fix: Setting same password in ODL and in remote device. Result: connection is not established. Reason: ISRG2/ASA send TCP SYN without MD5 signature/option -> Act as if no MD5 password was set. This looks like SXP in ISRG2 and ASA (that I was able to test against) with password for MD5 does not behave as expected (at least during TCP handshake). My configuration of ASA: SXP : Enabled |