Network Access Control

I am trying to use autocommand in an ACS 5.5 shell profile. Works fine on IOS routers fails to run on Nexus. Any thoughts?

I have just been patching out ACS 1121 on Ver 5.3 in preparation for upgrading to 5.5 however having successfully patched the secondary server I tried to promote this to the Primary and this seemed to fail with no error message.A reboot of the Second...

HelloWe have an ACS 5.4 w/ 20,000 async authorization errors: 22056 Subject not found in the applicable identity store. The associated IP address is a Cisco Async router. We added no exec to stop authentication errors but continue to have authorizati...

I would like to receive a report daily on our TACACS activity on our network devices. I've looked thru the menus and searched some but have not found a clear way to generate such a report. any help is appreciated.

We have not updated to 1.2.1 yet and are running 1.2.0.899. the only changes made to the system was alarm settings, which was just adding emails to alarm notification in settings. Four hours after the alarm notif. change we started gettings alerts th...

Can anyone point me in the direction of documentation or sample configs for using AD accounts to authenticate connecting to SSID on WLC? I am trying to setup a new SSID on a 5508 WLC that only a specific AD group can connect to. I gather that I will ...

Hi, is there any possibility to match on a custom EKU with ACS 5.5?I have to create a solution to limit access to a specific WLAN SSID. Only certificates containing a specific, self-created EKU should have access to this SSID. Other certificates from...

As part of an ISE implementation, I want to test ISE failover for Admin, MnT, and PSN personas.  Does anyone have an ISE failover test plan or ISE failover test best practices documentation to share? Thanks much,David Daverso

After the user logs into the portal and register its device I can´t seem to find a way for an auth policy to capture the data and permit the device into the network. So the flow would be MAB->CWA->Permit access if users are in identity group name "X"...

hi ,i have  configured my ACS 4.2 to  assigne static ip addres to vpn users (172.17.17.100) ,the acs assigne the ip address but it  gives the users the default subnet mask (255.255.0.0) .i want to change the mask to be 255.255.255.0 .it's possible ? ...

Hi All, I want to implement network access control system in a fashion that when someone from outside access our network (Wired/Wireless) he should not have direct access to our system. There must be some authentication, authorization and accounting....

 Hello All,One of the customer is having ISE in their environment and they have windows 7 & 8 for end users. However they want to connect a windows server 2003 workstation on the user vlan but as far as I know there is no NAC agent available for wind...

Is it possible to set a dot1x user to have a time limited session? Scenario is a wireless PEAP client connects to a wlc controlled access pointManagement wants that session to last no longer than 10 minutes and then is disconnected and not automatica...