Network Access Control

Cisco ACS 5.4 and Nexus 7000

Hi I am trying to configure my Cisco ACS 5.4 via TACACS for Nexus 7000 (NXOS 6.2(2)). Following this documentationhttp://www.cisco.com/c/en/us/support/docs/security/secure-access-control-system/115925-nexus-integration-acs-00.htmlBut when logging in...

Resolved! EAP Chaining with Cisco ACS 5.x and the Cisco Anyconnect NAM Client

Hi Guys,Whilst I’m well aware of the limitations of the built in the windows Wireless 802.1x supplicant. Is there a way, using the NAM client to authenticate both a computer and a user simultaneously, when used for authentication to wireless networks...

Resolved! Radius authentions with ISE - Live Authenications blown up with entries

Hello, We have a Brocade Load Balancer (ADX 1000) that is using ISE 1.2.0.899 Patch 1,2,7,12,13 as the radius server. When logging into the device via the web interface, it blows up the ISE live authentication logs. I do not see this behavior when ...

CISCO ISE API get client IP address

I am using the CISCO ISE REST API and I want to be able to get the client IP address. I have been reading the Monitoring REST API documentation here: http://www.cisco.com/c/en/us/td/docs/security/ise/1-2/api_ref_guide/api_ref_book/ise_api_ref_ch1.htm...

configure Mac Authentication Bypass (MAB) in ACS 5.1

Hello,I am a newbie in ACS 5.1 and UAC.I configured a MAB Access Service, but I get the error in the Radius Monitorring: 15024: PAP is not allowed.However, I nowhere configured PAP. Any idea what I do wrong ?I did not configure any protocolls, just '...

Cisco ACS 5.x isn't sending a password reset prompt through RADIUS to my Pulse Secure MAG2600.

I have a pair of Pulse Secure MAG2600s that serve as my remote access (VPN) into my data center. I'm running my primary authentication for VPN access against OCSP checks and extracting the values of the CN and OU fields of the CERT to determine what ...

Secure ACS and Minimum Password Age

The IRS requires all systems that process sensitive personal information, such as social security numbers, to have the passwords protected with many things, one of them being a minimum password age of 1 day being set on all password. I cannot find h...

Difficulty Configuring a RADIUS server with a Cisco 2500 Series Wireless Controller

Hi AllWe are attempting to configure a RADIUS server with a Cisco 2500 Series Wireless Controller (AIR-CT2504-K9). Below you can see the configuration of the RADIUS sever on the controller, with the correct IP: Below is the configuration we have for...

Resolved! acs 5.8 vpn authentication using AD and External OTP server

Hi, is it possible to authenticate an user using Active Directory, internal database and OTP server for password? what i want to achieve is: - if the VPN user belongs to a specific group of our AD....perform the user lookup on that Group and if user...

ACS: two factor authentication using AD group/internal user, external proxy

Hi all, as far as you know, it could be possible to have two factor authentication in acs 5.x? What i want to achieve is: 1) if a VPN user try joint the network, a user lookup needs to be performed against a specific Group in AD, but the password ne...

Resolved! ISE (SNS-3415-K9) redundant NIC's

Hi all. can we connect one SNS-3415-K9 (ISE) to VSS switches . we have one ise (SNS-3415-K9) server can we connect one interface(g1) to switch1 and another interface(g2) to switch2 for Redundant and load balancing ..

Windows Single Sign-on using only LDAP server

I have an LDAP server, no radius server.Users need to authenticate when connecting to wireless (Cisco WLC 2504 and AP1702i).Can I have a single sign-on setup with the above devices or do I need a radius server ?

Cisco Secure ACS 5.2 Patch Installation Issue

I am trying to apply patch 5.2.0.26.10 to a newly installed Cisco Secure ACS Server. When I run the acs patch install command it fails.Here is my repos config:repository Update url sftp://10.134.52.115/ user id4sftp password removedsh repo Update ...

Resolved! Disable Authentication for Reverse Telnet on Async lines

I have a 2811 that is acting as a terminal server with multiple async line being used for console access. Whenever I go to open a reverse telnet on one of the lines I always get hit up for my authentication credentials. Is there a way to eliminate th...

ISE Backup question

Hey, I'm just wondering if someone could help - I was trying to create a repositary for my ISE backup which is on an SFTP server but ISE sent a pop up to my screen stating: 'Host key of sftp server must be added through CLI using 'crypto host_key a...

Network Access Control

Forum Posts

Cisco ACS 5.4 and Nexus 7000

Resolved! EAP Chaining with Cisco ACS 5.x and the Cisco Anyconnect NAM Client

Resolved! Radius authentions with ISE - Live Authenications blown up with entries

CISCO ISE API get client IP address

configure Mac Authentication Bypass (MAB) in ACS 5.1

Cisco ACS 5.x isn't sending a password reset prompt through RADIUS to my Pulse Secure MAG2600.

Secure ACS and Minimum Password Age

Difficulty Configuring a RADIUS server with a Cisco 2500 Series Wireless Controller

Resolved! acs 5.8 vpn authentication using AD and External OTP server

ACS: two factor authentication using AD group/internal user, external proxy

Resolved! ISE (SNS-3415-K9) redundant NIC's

Windows Single Sign-on using only LDAP server

Cisco Secure ACS 5.2 Patch Installation Issue

Resolved! Disable Authentication for Reverse Telnet on Async lines

ISE Backup question

Bulk Update Fails for customAttributes - Is it supported?

UserPrincipalName not showing in ISE Log for certain user

CISCO NAM installation by iso generated by System Center

can i USE 2 CISCO ISE posture policy in same time with 2 Anti malware

High Response time for Entra ID TEAP with ISE

SSL VPN FOrtigate with Cisco ISE Posture

Certificate Services OCSP Responder nearly expired

ISE databases - which one has the endpoints?

port-based network access control for Data Center - 802.1x (yes or no)

Cisco ISE-V-3.3.X: CSCuj78705 >Schedule Report Attachment through mail