Cisco ACS - Only Use Internet Explorer

Started by deanwebb, June 08, 2016, 12:54:47 PM

Previous topic - Next topic
Print
Go Down Pages1 2
User actions

deanwebb

June 08, 2016, 12:54:47 PM
Just had a guy blow up our ACS by editing rules using Firefox. Cisco said to use only IE, since Firefox will wipe out the database.

I hope everyone here learns from the mistakes of others. This one's a biggie, since there's no flashing warning sign when folks log on with Firefox...

:tmyk:
Take a baseball bat and trash all the routers, shout out "IT'S A NETWORK PROBLEM NOW, SUCKERS!" and then peel out of the parking lot in your Ferrari.
"The world could perish if people only worked on things that were easy to handle." -- Vladimir Savchenko
Вопросы есть? Вопросов нет! | BCEB: Belkin Certified Expert Baffler | "Plan B is Plan A with an element of panic." -- John Clarke
Accounting is architecture, remember that!
Air gaps are high-latency Internet connections.

deanwebb

#2
June 08, 2016, 03:56:17 PM
Even crazier, I remember Cisco telling me to *not* use IE when editing rules/policies in ISE, due to it renumbering all the rules/policies in a crazy way.

So we got one browser that kills ACS but saves the day in ISE and another browser that's the exact opposite.

:facepalm1:
Take a baseball bat and trash all the routers, shout out "IT'S A NETWORK PROBLEM NOW, SUCKERS!" and then peel out of the parking lot in your Ferrari.
"The world could perish if people only worked on things that were easy to handle." -- Vladimir Savchenko
Вопросы есть? Вопросов нет! | BCEB: Belkin Certified Expert Baffler | "Plan B is Plan A with an element of panic." -- John Clarke
Accounting is architecture, remember that!
Air gaps are high-latency Internet connections.

DanC

#3
June 08, 2016, 05:07:29 PM
Jesus that's bad! It's been 12 months since I used ACS but the only browser I could get to work properly was a really old version of Firefox (version 12 IIRC). I'm pretty sure it was in the release notes as supported too!

deanwebb

#4
June 08, 2016, 05:10:26 PM Last Edit: June 08, 2016, 05:11:57 PM by deanwebb
Our guy used Firefox because Chrome and IE didn't display all the fields he needed to view, while Firefox did. So he made a change, a teeny tiny change, clicked save and then...

MELTDOWN

We are now providing product feedback to the Cisco ACS developers.

:developers:

Did get back that putting the ACS website into "compatibility mode" will allow all the fields to display in IE. Nice to know, going forward.
Take a baseball bat and trash all the routers, shout out "IT'S A NETWORK PROBLEM NOW, SUCKERS!" and then peel out of the parking lot in your Ferrari.
"The world could perish if people only worked on things that were easy to handle." -- Vladimir Savchenko
Вопросы есть? Вопросов нет! | BCEB: Belkin Certified Expert Baffler | "Plan B is Plan A with an element of panic." -- John Clarke
Accounting is architecture, remember that!
Air gaps are high-latency Internet connections.

DanC

#5
June 08, 2016, 05:19:33 PM
That's crap.

I actually rate ACS too, it's a great product 'when' you find a stable version  ;D

Dieselboy

#6
June 08, 2016, 10:26:06 PM
Problems like this really pee me off. I don't think you can wholely blame the user here, unless you specifically gave him instructions which said something like DO NOT EFFING USE FIREFOX

deanwebb

#7
June 09, 2016, 08:55:11 AM
Quote from: Dieselboy on June 08, 2016, 10:26:06 PM
Problems like this really pee me off. I don't think you can wholely blame the user here, unless you specifically gave him instructions which said something like DO NOT EFFING USE FIREFOX

Believe me, we have given that instruction in the aftermath of the disaster. Still rebuilding the policies...
Take a baseball bat and trash all the routers, shout out "IT'S A NETWORK PROBLEM NOW, SUCKERS!" and then peel out of the parking lot in your Ferrari.
"The world could perish if people only worked on things that were easy to handle." -- Vladimir Savchenko
Вопросы есть? Вопросов нет! | BCEB: Belkin Certified Expert Baffler | "Plan B is Plan A with an element of panic." -- John Clarke
Accounting is architecture, remember that!
Air gaps are high-latency Internet connections.

mlan

#8
June 10, 2016, 01:28:40 PM
Dean, why not just restore the config from backup?

deanwebb

#9
June 10, 2016, 02:14:29 PM
That's part of the fun... turns out, the original backup failed, but all the incremental ones succeeded. A look at backup jobs shows the last 200 were all successful... they're just also useless because of that original failure...
Take a baseball bat and trash all the routers, shout out "IT'S A NETWORK PROBLEM NOW, SUCKERS!" and then peel out of the parking lot in your Ferrari.
"The world could perish if people only worked on things that were easy to handle." -- Vladimir Savchenko
Вопросы есть? Вопросов нет! | BCEB: Belkin Certified Expert Baffler | "Plan B is Plan A with an element of panic." -- John Clarke
Accounting is architecture, remember that!
Air gaps are high-latency Internet connections.

mmcgurty

#10
June 14, 2016, 07:42:49 PM Last Edit: June 14, 2016, 07:44:31 PM by mmcgurty
This just bit us yesterday.  Luckily we were able to restore from a backup but it took like most of the afternoon yesterday.  Total BS by Cisco.

https://www.cisco.com/c/en/us/support/docs/field-notices/641/fn64144.html

deanwebb

#11
June 14, 2016, 07:57:17 PM
I lol'd when I saw the date on the field notice... same date as when I started the thread...

:yeahright:
Take a baseball bat and trash all the routers, shout out "IT'S A NETWORK PROBLEM NOW, SUCKERS!" and then peel out of the parking lot in your Ferrari.
"The world could perish if people only worked on things that were easy to handle." -- Vladimir Savchenko
Вопросы есть? Вопросов нет! | BCEB: Belkin Certified Expert Baffler | "Plan B is Plan A with an element of panic." -- John Clarke
Accounting is architecture, remember that!
Air gaps are high-latency Internet connections.

Dieselboy

#12
June 14, 2016, 09:59:46 PM
Has that field notice been raised because of you guys?

deanwebb

#13
June 14, 2016, 10:10:35 PM Last Edit: June 14, 2016, 10:12:06 PM by deanwebb
Quote from: Dieselboy on June 14, 2016, 09:59:46 PM
Has that field notice been raised because of you guys?

Not going to say it was because of us... but it was because of us. When a large multinational has a product blow up and then asks for some kind of notification going forward, it gets some kind of notification. Long-term, we want flashing warning lights if someone logs in with The Wrong Browser.
Take a baseball bat and trash all the routers, shout out "IT'S A NETWORK PROBLEM NOW, SUCKERS!" and then peel out of the parking lot in your Ferrari.
"The world could perish if people only worked on things that were easy to handle." -- Vladimir Savchenko
Вопросы есть? Вопросов нет! | BCEB: Belkin Certified Expert Baffler | "Plan B is Plan A with an element of panic." -- John Clarke
Accounting is architecture, remember that!
Air gaps are high-latency Internet connections.

wintermute000

#14
June 15, 2016, 04:58:34 AM Last Edit: June 15, 2016, 06:40:45 AM by wintermute000
Long term you want clearpass
But no seriously, that is a DISGRACEFUL bug.


No worky with common browser X? irritating
Explosion with common browser X (with no warning either)? completely unacceptable.


Maybe we can rename this forum to ciscowritesshittysoftwarewhathappenedtotheirQA.com



Print
Go Up Pages1 2
User actions