I found this Bug in the meanwhile: +++++++++++++++++++++++++++++++++++++++++ CSCsk46672 Bug Details CAS stops listening on 8910 after threads in CLOSE_WAIT state
Symptom: Agent fails to perform ADSSO Conditions: CAS no longer listening to tcp port 8910 because 50 threads are already in CLOSE_WAIT state Workaround: Under Device Management > Clean Access Servers > CAS > Windows Auth Click UPDATE on SSO service to flush the CLOSE_WAIT states +++++++++++++++++++++++++++++++++++++++++ After applying this workaround, the number of TCP sessions in CLOSE_WAIT state went from 310 to 260. This resolved the issue but i still would like to clear them all without rebooting the box. Any ideas ? Thanks. Regards, Antonio Soares, CCIE #18473 (R&S) [email protected] -----Original Message----- From: Cisco Clean Access Users and Administrators [mailto:[email protected]] On Behalf Of Pete Boynton Sent: terça-feira, 15 de Setembro de 2009 17:29 To: [email protected] Subject: Re: SSO Issue How about disconnecting the CAS and connecting again: CCA Servers -> List of Servers-> Disconnect And then CCA Servers -> List of Servers-> Manage But I am not too sure. -----Original Message----- From: Cisco Clean Access Users and Administrators [mailto:[email protected]] On Behalf Of Antonio Soares Sent: Tuesday, September 15, 2009 11:39 AM To: [email protected] Subject: SSO Issue Hello group, This is my first on this list so forgive me to start with a problem :) I'm troubleshooting a NAC issue. I see lot's of CLOSE_WAIT sessions on the CAS and i need to find a way to restart the SSO service (TCP:8910) without restarting the whole box. Disabling the option "Enable Agent-Based Windows Single Sign-On with Active Directory (Kerberos)" in the CAM does not do the job. I think that after clearing these TCP stuck sessions, Single Sign-On will work again. Thanks. Regards, Antonio Soares, CCIE #18473 (R&S) [email protected]
