Network Access Control

Hi Everyone, I have a Primary Cisco ACS, called CiscoACS1, version 5.4 patch 6 with an IP address of 1.1.1.1/24 and a Secondary ACS, called CiscoACS2, version 5.4 patch 6 with an IP address of 1.1.1.2/24.Connectivity between them is ok, same subnets....

  Hi, Please help to share how to configure wired dot1x fallback to web authentication. I could not find any documentation how to configure the ise to do the web authentication. for my switchport i configured this:   switchport mode access switchport...

 I have most of information for Cisco web site.  Now, my questions are what recovery image i need to load on a bootable USB drive.  Do I need to change boot location on the ACS? Thanks,

Hello,we´ve a Cluster with 3 ACS5.5 Patch 3. Yesterday i´ve configured a lot. This morning the replication-id of the secondary Members differs.Master: 16587 ;  Secondary 16502.This results in a lot of problems, when the first server for authenticatio...

Hi I have an ACS5.4 which is used for Authentication on my network. I need to set up Accounting for the devices on my network to see the following: 1. Who logged into the device2.  What changes have been made. I have configured the switch for AAA and...

When i remotely access the core switch and then from the core switch when i try to ssh other devices i am not able to do so. These devices are being authenticated using AAA. What can be the possible reason for this ?

Hello,I currently have a working config for VPN users to use my LDAP server for a single group of users.  The LDAP server is directly connected to my inside interface. I recently added another node to my branch offices.  The new addition is another c...

Hi all,We have below scenario :Scenario 1 :I have implemented L2TP tunneling with authentication using radius and ip address assignment using local pool on AAA client devices."2 client  initiates L2tp tunneling using the same username , and both of t...

I'm using TACACS and ssh to access my rotuer and switches. What I need to do to enable audit? I want to get a report where I can see who logged in and what changes they made.Thanks.

Does ISE support DST change?

ISE Experts,I'm doing research preparing for an SGT deployment.We have Cisco ASA for VPN and iPEP for Posture enforecement.The questions are:1) Does iPEP support SGT?2) Can I utilize SGT for VPN users?Thanks,Val

Hi all, Just wondering if anyone else is having CoA issues using patch 8 on wired infrastructure? I was troubleshooting CoA this morning in a 5 node deployment (1 x Admin, 1 x Monitoring, 1 x secondary admin/monitoring and 2 x PSN) and found that CoA...