https://community.cisco.com/t5/network-access-control/multiple-remote-agent/m-p/1642950#M287994 <P>Hi All,</P><P>I've installed ACS 4 version. we have multiple device group which all of them use the same AD for authentication. we have created multiple NDG, now I need to create remote agent with the same IP address for each NDG but ACS doesn't let me to create multiple remote agent with the same IP address. how can I create multiple NDG, but all use the same remote agent?</P><P>thanks</P><P>Alex</P> Mon, 11 Mar 2019 00:42:02 GMT alex goshtaei 2019-03-11T00:42:02Z https://community.cisco.com/t5/network-access-control/multiple-remote-agent/m-p/1642950#M287994 <P>Hi All,</P><P>I've installed ACS 4 version. we have multiple device group which all of them use the same AD for authentication. we have created multiple NDG, now I need to create remote agent with the same IP address for each NDG but ACS doesn't let me to create multiple remote agent with the same IP address. how can I create multiple NDG, but all use the same remote agent?</P><P>thanks</P><P>Alex</P> Mon, 11 Mar 2019 00:42:02 GMT https://community.cisco.com/t5/network-access-control/multiple-remote-agent/m-p/1642950#M287994 alex goshtaei 2019-03-11T00:42:02Z https://community.cisco.com/t5/network-access-control/multiple-remote-agent/m-p/1642951#M288017 <HTML><HEAD></HEAD><BODY><P>Hi,</P><P></P><P>I am not sure if i understood your question properly. Anyway, i am defining my understanding below:</P><P></P><P>AAA clients are defined in the NDG on the ACS appliance.</P><P>ACS Appliance authenticates via AD.</P><P>ACS appliance needs RA to talk to AD.</P><P></P><P>Now in from your question, here is my understanding:</P><P>AAA Clients are defined in NDG. they are to authenticate via the AD. so to talk to AD we need to define RA per NDG.</P><P></P><P>Is that correct as your question?</P><P></P><P>If yes, then the flow is somewhat like this:</P><P>AAA Client sends authentication request.</P><P>The request reaches the ACS Appliance. For the appliance it is just a request no matter from where it comes. It sees that this has to be authenticated via the AD. inorder to do that it has to forward to the Remote Agent. so it will forward to Remote Agent which in turn will forward to the AD.</P><P></P><P>So, RA defination per NDG does not come into picture.</P><P></P><P>For reference purpose the link describing the NDG is as follows:</P><P><A href="http://www.cisco.com/en/US/docs/net_mgmt/cisco_secure_access_control_server_for_windows/4.2/user/guide/NetCfg.html#wp342699">http://www.cisco.com/en/US/docs/net_mgmt/cisco_secure_access_control_server_for_windows/4.2/user/guide/NetCfg.html#wp342699</A></P><P></P><P>The link for Remote Agent is as follows:</P><P><A href="http://www.cisco.com/en/US/docs/net_mgmt/cisco_secure_access_control_server_for_solution_engine/3.3/installation/guide/remote_agent/rawo.html">http://www.cisco.com/en/US/docs/net_mgmt/cisco_secure_access_control_server_for_solution_engine/3.3/installation/guide/remote_agent/rawo.html</A>.</P><P></P><P>I hope i have answered the question.</P><P></P><P>Regards,</P><P>Anisha</P><P></P><P>P.S.: Please mark this link resolved if you feel the query is answered.</P></BODY></HTML> Sat, 08 Jan 2011 04:43:18 GMT https://community.cisco.com/t5/network-access-control/multiple-remote-agent/m-p/1642951#M288017 andamani 2011-01-08T04:43:18Z https://community.cisco.com/t5/network-access-control/multiple-remote-agent/m-p/1642952#M288050 <HTML><HEAD></HEAD><BODY><P><SPAN style="font-family: arial,helvetica,sans-serif; color: #800000;">Hello,</SPAN></P><P></P><P><SPAN style="font-family: arial,helvetica,sans-serif; color: #800000;">You do not need to create the same Remote agent entry in every NDG. Just create one entry for the ACS server in the Not assigned group and it would work as an agent for all NDGs.<BR /></SPAN></P><P><SPAN style="font-family: arial,helvetica,sans-serif; color: #800000;"><BR /></SPAN></P><P><SPAN style="font-family: arial,helvetica,sans-serif; color: #800000;">What important here is to select the right remote agent under the external user database &gt;&gt; database configuration &gt;&gt; windows database &gt;&gt; remote agent selection.</SPAN></P><P><SPAN style="font-family: arial,helvetica,sans-serif; color: #800000;"><BR /></SPAN></P><P><SPAN style="font-family: arial,helvetica,sans-serif; color: #800000;">Hope this helps.</SPAN></P><P><SPAN style="font-family: arial,helvetica,sans-serif; color: #800000;"><BR /></SPAN></P><P><SPAN style="font-family: arial,helvetica,sans-serif; color: #800000;">Regards,</SPAN></P><P><SPAN style="font-family: arial,helvetica,sans-serif; color: #800000;">Jatin</SPAN></P><P></P><P><SPAN style="font-family: arial,helvetica,sans-serif; color: #800000;"><BR /></SPAN></P><P><SPAN style="font-family: arial,helvetica,sans-serif; color: #800000;">~Do rate helpful posts.</SPAN></P></BODY></HTML> Sun, 09 Jan 2011 22:49:10 GMT https://community.cisco.com/t5/network-access-control/multiple-remote-agent/m-p/1642952#M288050 Jatin Katyal 2011-01-09T22:49:10Z