Network Access Control

we have dot1x and MAB features implemented in a Juniper infrastructure where we can bypass non dot1x devices using local database in the switches themselves.now we will migrate to cisco and need to deploy the same mab scenario locally on the switches...

Hello, My setup is Internet-----Juniper F/W--------Cisco ASAI have configured cut through proxy on ASA 5525X version 9.x. So, when a user tries to access a web server from internet he gets a prompt to enter his username and password. It works fine th...

Hello,I’m trying to setup following environment:WLC 5508 (OS 7.5)Up to 60 Access Points 1602ITwo SSID’s are requiredWPA/WPA2 Authentication is requiredMAC-Filter should also be usedI’ve done the following configuration:LAN Enviroment worksWLC Setup w...

Hello,How can I do user account never disable on Acs 5.x? Regards,

Hello Community, i want to know, if its possible to check with Cisco ISE if a ccmputer account in active directory is set enabled/disabled.We got an authorization aolicy working and want to add a check, that just enabled computer accounts in the acti...

I am trying to test an access policy in ACS 5.3, but I am unable to find how to use the new policy with a specific switch.  This is a live system and I cannot modify the "default device admin" policy until the new one is tested.I suspect it is a conf...

I'm migrating a Cisco ACS 5.4 Cisco ISE 1.2.1, I am creating a Profile Authorization to allow access L2TP VPN using 128-bit MPPE.I have 2 attributes called MS-MPPE-Encryption-Policy and MS-MPPE-Encryption-Types in the ACS and I can choose values smoo...

Hi to all,is there any way to selective restore items from an acs backup file?I need to restore an primary ACS 5.3 configuration to a new  ACS running 5.6 in order to do some tests before upgrading to 5.4 and then 5.6 but I need to be sure that distr...

Hello! I am currently using the open source TACACS+ server called "tac_plus" for Linux distributions. I have configured the configuration file correctly, I am able to log into ASDM using the one of the account's credentials created without an issue w...

Hi all, I am planning to add an additional node to an existing standalone ISE. I am however unsureabout the creation of the certificates. At the moment I am using a Thawte SAN windcard certificateon the primary host. The current host is located in a ...

HiI would like to find out if one can change the domain of the ISE to another domain after ISE has fully been implemented or do i have to rebuild the server again. ise version is 1.1.1i would like to change from xyz.abc.com to just abc.comthanks

Hi, Has anyone faced the below issue while doing backup.? I found that it was documented in a bug and shown as fixed but still getting even with patch 2https://tools.cisco.com/bugsearch/bug/CSCuq63732/?referring_site=bugquickviewclick Sun May 24 10:4...

Hi All,Can we able to create an admin username and password with role admin in the cli.I have access to the cli using a user account and I was trying to create an admin username and password.I have created one but i cannot access using those credenti...

I have below config on switch (C2960S-UNIVERSALK9-M), Version 15.0(2)SE7,aaa group server tacacs+ testgroup server name test1 server name test2 server name test3tacacs server test1 address ipv4 192.1.1.1 key 7 testkey timeout 3 single-connectionSimil...