Network Access Control

NAC error

Hello all, I face that error when NAC find the kaspersky is not updated and try to automatic update it. The remediation you are attempting has reported an internal error. If this problem persists please contact your system administrator so anyone kno...

What Secure Access/Mobility topics would you want to ask a Cisco expert about?

I'm working on bringing an "ask the expert" program to you where you can chat, in the community forums, directly with a Cisco expert about a designated topic for a set period of time (24-48 hours or so). Right now I want to collect your ideas for to...

Fallback authorization.Command authorization failed

Hi I configured my firewall for authenticaitona and authorization. I could login via telent/console with AD username & password but I could not do any command exces. (ie.sh run, conf t etc) and I get following errorallback authorization. Username 'xx...

ASA: Command authorization failed-ACS4.2

Hi,I have configure the ASA with AAA. It was doing the AAA authentication but as soon I have enter the command “aaa authorization command TACACS+ LOCAL”, I am able to login, but unable to run “show run, conf t, ping” commands. When I enter these comm...

Resolved! ISE migration for Cisco 3395 servers to Cisco SNS 3495 question

Hello all. I have a customer that is running ISE 1.2 on a Cisco 3395 server and wants to migrate to the Cisco SNS 3495 servers due to impending EoL. My question is -- does this customer need to purchase the Cisco SNS 3495 server with a whole new soft...

Cisco Secure ACS

Running Cisco Secure ACS version 5.6, we encounter the following problem. ACS sends me the following message: Cisco Secure ACS - Alarm NotificationSeverity: Warning Alarm NameSystem Alarm [Database Purging]Cause/TriggerThe number of incoming log mes...

tacacs.net with a WLC

So we have been running tacacs.net for a while and I have all my granular control I need for Switches, Routers and ASAs but we want to add WLCs to the list of devices we are using this for. I know it has to do with <Services> section of the authoriza...

ACS 5.3 authorization issue: 13025 Command failed to match a Permit rule

Hi, We have an issue where newly created users are getting "Command authorization failed" when trying to do anything. When we looked at the ACS, we see in the Authorization report "13025 Command failed to match a Permit rule" What we also noticed is ...

Tacacs not working on C2960 running c2960-lanbasek9-mz.122-52.SE.bin

I have several 2960's running 12.2(5x)SE. I have tacacs configured exactly the same way and yet on a few, I can't get it to work. I feel that the switch is simply not sending out tacacs traffic. Here is some output for your digestion:AAAAAA#sh run | ...

NAC agent no longer pops up after July Windows updates

Hi all,We having been getting reports of a handful of users not getting the Cisco NAC agent pop up window after installing the latest Microsoft July updates. Has anyone else seen this behavior? The users use the following: NAC Agent: 4.9.4.3Cisco IS...

NAC Agent not pop up

Hi All,Lately I installed NAC agent on 800 PC's around our campus through SCCM and we saw that some users did not receive the NAC agent completely.I means that one directory is Missing and the XML files as well are missing. NACAgentCFG.xml and NACAge...

Cisco NAC Agent problems in Win8.1 Pro (ISE 2.1 Deploy)

Hi all, I have a ISE deployment with posture validation that works fine but i have a problem with the Cisco NAC Agent Installed on windows 8.1 professional machines (64bit). The wired 802.1x authentication works fine, the endpoint is authenticated su...

Resolved! NAC agent failing to popup

Dears,I have two ISE appliances installed in a distributed deployment (primary "ISE1" and secondary "ISE2"), each node has the three personas installed on it. The servers are registered together and the replication is working prope...

Resolved! ACS 5.5 Backup Restore Test

Good day, I have two ACS 5.5 servers. One is Primary and one Secondary. The primary acts as a logging host as well and storage on this host has become a problem. As far as I understand a reload of the Primary ACS is neccessary after I have increased...

Resolved! Can WOL work while port configured to authenticate through ISE

Hi all, I tried WOL configuration L3 switch configuration I have no problem in it L2 switch configuration without ISE configuration interface fa0/1 switchport access vlan 100 switchport mode access spanning-tree portfast it works well but after I ...

Network Access Control

Forum Posts

NAC error

What Secure Access/Mobility topics would you want to ask a Cisco expert about?

Fallback authorization.Command authorization failed

ASA: Command authorization failed-ACS4.2

Resolved! ISE migration for Cisco 3395 servers to Cisco SNS 3495 question

Cisco Secure ACS

tacacs.net with a WLC

ACS 5.3 authorization issue: 13025 Command failed to match a Permit rule

Tacacs not working on C2960 running c2960-lanbasek9-mz.122-52.SE.bin

NAC agent no longer pops up after July Windows updates

NAC Agent not pop up

Cisco NAC Agent problems in Win8.1 Pro (ISE 2.1 Deploy)

Resolved! NAC agent failing to popup

Resolved! ACS 5.5 Backup Restore Test

Resolved! Can WOL work while port configured to authenticate through ISE

External MDM heartbeat interval and Azure Public IP idle timeout

Issue with Posture Agent "Checking for product updates..." 0%

ISE BYOD woth Entra ID failing

NetFlow Probe Profiling – Missing IP and Port in ISE Context Visibili

PX Grid Connector and Service NOW

Updating a segment with a new authorization option

Cisco ISE Counter for Authenticated Guests does not count up

CIMC interface not working on Cisco 3615

CSCwc22988 - setting disclose usernames - popup server will restart

Cisco ISE 3.2 with Azure AD