Network Access Control

The IRS requires all systems that process sensitive personal information, such as social security numbers, to have the passwords protected with many things, one of them being a minimum password age of 1 day being set on all password.  I cannot find h...

Hi AllWe are attempting to configure a RADIUS server with a Cisco 2500 Series Wireless Controller (AIR-CT2504-K9). Below you can see the configuration of the RADIUS sever on the controller, with the correct IP: Below is the configuration we have for...

Hi all, as far as you know, it could be possible to have two factor authentication in acs 5.x? What i want to achieve is: 1) if a VPN user try joint the network, a user lookup needs to be performed against a specific Group in AD, but the password ne...

I have an LDAP server, no radius server.Users need to authenticate when connecting to wireless (Cisco WLC 2504 and AP1702i).Can I have a single sign-on setup with the above devices or do I need a radius server ?

I am trying to apply patch 5.2.0.26.10 to a newly installed Cisco Secure ACS Server.  When I run the acs patch install command it fails.Here is my repos config:repository Update  url sftp://10.134.52.115/  user id4sftp password removedsh repo Update ...

Hey, I'm just wondering if someone could help - I was trying to create a repositary for my ISE backup which is on an SFTP server but ISE sent a pop up to my screen stating: 'Host key of sftp server must be added through CLI using 'crypto host_key a...

Hi Guys, Good Day! May I ask if it is possible in ISE 1.4 for me to configure authorization profile to check if User1 tries to connect to a specific tunnel-group which is configured in the ASA? Thank you and have a nice day! Cheers

Hi experts!Regarding ISE: 1. Are there indications or suggestions on the maximum number of sub-levels for MAB group structure? 2. We would like to ask if the creation and manual static assignment of an endpoing object (MAB) to a static policy assignm...

Hi All, Given that Microsoft Active Directory has two limitations as follows: Cannot reject specific word to be used in Password Reset (e.g. company name) Cannot enforce Special Characters as Mandatory Complexity requirements (i.e. AD can accept the...

Hello, "ISE1.3 - Number of device per guest user account"Is there a way to limt the allowed number of sessions per guest account ? I only allowed to connect one device per guets account but as we all know that ISE guest Usernames are not case sensiti...

Hi Folks, We are facing a problem that Cisco ACS 5.7.0.15.1 is unable to get synchronize with the NTP Server (AD as a NTP Source). See output below. Any help will be appreciated. TestACS1/admin# show logging | include ntp Nov 16 10:42:32 TestACS1 mon...

Hi all, in the old versions of Cisco ACS ( 4.x ) there is the option to configure a workstation name (by default set to "CISCO")  that it will be used as "presentation name" to AD.    you can find this conf under : external user database-->database c...