Cisco Systems OL-24201-01 manual Comparing Sgacl Policy Between a Network Device and ACS, 14-11

Chapter 14 Troubleshooting ACS with the Monitoring & Report Viewer

Working with Expert Troubleshooter

Step 3 Click Run.

The Progress Details page appears. The Monitoring & Report Viewer prompts you for additional input.

Step 4 Click the User Input Required button and modify the fields as described in Table 14-5.

The Troubleshooting Progress Details page appears. The Expert Troubleshooter retrieves the CLI response from the network device. A new window appears and prompts you to select the interfaces for which you want to analyze the interface configuration.

Step 5 Check the check boxes next to the interfaces that you want to analyze, and click Submit to evaluate the configuration of the interfaces.

The Progress Details page appears with a summary.

Step 6 Click Show Results Summary to view the troubleshooting summary.

The Results Summary page appears with the information described in Table 14-6. The missing configurations appear in red.

Related Topics

•Available Diagnostic and Troubleshooting Tools, page 14-1

•Connectivity Tests, page 14-1

•ACS Support Bundle, page 14-1

•Expert Troubleshooter, page 14-2

Comparing SGACL Policy Between a Network Device and ACS

For Security Group Access-enabled devices, ACS assigns an SGACL for every source SGT-destination SGT pair based on the Egress policy matrix that you configure in ACS. The Egress policy diagnostic tool does the following:

1.Connects to the device whose IP address you provide and obtains the ACLs for each source SGT— destination SGT pair.

2.Checks the Egress policy that is configured in ACS and obtains the ACLs for each source SGT— destination SGT pair.