Network Access Control

Single ACS server - Multiple Domain checking

Ok here is my crazy question for the day but I am not sure the best way to ask it. I am a complete newbie on the ACS but have gotten AAA working on my test switch. Woo Hoo .. I have two different domains in my AD forest. Lets say 123.mycompany.com an...

ACS 5.3 TWO mac address

Hi friend,I have a solution of thre ACS.. one primary and two secondaries. My customer report me that in port of the switch where is connected the ACS show two mac address+++ Switch CORE Configuratión +++SWSCSISCORE01#show running-config interface g3...

Resolved! ACS 5.3.40.1 bulk edit problem with some WCS attributes

Hi thereI just wanted to import the WCS TACACS+ SuperUsers attributes on ACS 5.3.40.1 via the new bulk edit feature. If I trye the following attributes and click submit, my admin user is logged out of the web GUI and the changes are not saved:task13=...

Resolved! TAC+: TCP/IP open to 10.20.17.2/49 failed -- Connection timed out; remote host not responding

TACACS+ configured on router and router is in ACS. I can ping the ACS but the router cannot establish a connection to authenticate users. aaa group server tacacs+ hq_acs-1server 10.20.17.2ip tacacs source-interface GigabitEthernet0/0!aaa authentica...

AAA unknown user behaviour

Hello,we have setup of AAA Cisco ACS 4.2, have noticed unusual behaviour of authentication,When the user tries to authenticate using unknown username and password, the first time it will say fail and prompts for Enable Password.but if the user is cor...

ACS not responding to Radius Requests with empty username

HiI'm running a ASA5580 to terminate remote access VPN. The ASA sends Radius Requests to a ACS 5.2 for Authentication. The ACS then connects via LDAP to the ActiveDirectory to authenticate the VPN User. So far, this works fine. But the ASA regularely...

ACS 5.0.021 CLI password Recovery

Hi Anyone knows how to recover ACS 5.0.021 CLI password.I dont have 5.0.021 cd with me can i use 5.2 cd to recover the same ? it is possible?or without Cd any possiblities are there? please help me!!!RegardsRajeswar

ACS 4.1 Dynamic users

Hi Everyone, I configured 3 NAPs (VPN, Wireless, 802.1X) in the ACS 4.1 and they're working ok, but when someone removes the dynamic users for some reason it deletes all data from the default account, for instance in my case my account to manag...

Privileges and Roles Based Views

Hello,I have been confguring Roles based Views with Windows radius authentication on our 2960's and 3750's and it is working great. I have 2 users, one with a Roles Base View called "priv3" and the other is for admins of login as the "root" view. I...

Not able to authenticate with local account on Cisco 2960 when Cisco AAA is not available

Dear Expert,I have installed Cisco ACS 4.2. I am trying to get authenticate using local user account on cisco 2960 after making Cisco ACS unavailable, but unfortunately not able to authenticate and receiving authentication failed messages. my aaa con...

Dot1x guest VLAN on 2960G

Hi,I have a 2960 sw configured for dot1x authentication, the problem is the Guest VLAN and Restricted VLAN didnot work. The switch port was stuck in authenticating status.The server is Juniper IC4500.Switch is 2960G, IOS 15.0(1)SE2the configuration:!...

User account disable on ACS 5.X

Hi,I'm working with the new ACS version 5.X, and i have a question. Is possible configure a local user account to disable it automatically, as in the 4.2 ACS version. When I create an local user account there isn't this option, and I don't know how t...

Configuring Cisco ACS 5.1 with Juniper Netscreen Firewall wit Radius & Tacacs+

Hello,Can anybody tell me the step-by-step configuration of Cisco ACS 5.1, to configured it with Juniper Netscreen Firewall for radius & tacacs+ authentication and authorization?I am able to configure this with Cisco ACS 4.2 with customise VSA file b...

Unable to SSH ASA from outside interface

I am unable to access ASA by external interface, i cannot ssh to the ASA to external inteface, it shows port 22 is in use but we don't use port 22.i appreciate any helpaaa(config)# ssh 0.0.0.0 0.0.0.0 Outside ERROR: Unable to configure service on por...

ACS 5.0 Design

Hi,I have ACS 5.0 integrated for 2-factor authentication (3rd party Vasco software as 2-factor authentication). All users are going to Vasco & get authenticated post 2-factor authentication. Now i need ACS authentication for a specific user. Is this ...

Network Access Control

Forum Posts

Single ACS server - Multiple Domain checking

ACS 5.3 TWO mac address

Resolved! ACS 5.3.40.1 bulk edit problem with some WCS attributes

Resolved! TAC+: TCP/IP open to 10.20.17.2/49 failed -- Connection timed out; remote host not responding

AAA unknown user behaviour

ACS not responding to Radius Requests with empty username

ACS 5.0.021 CLI password Recovery

ACS 4.1 Dynamic users

Privileges and Roles Based Views

Not able to authenticate with local account on Cisco 2960 when Cisco AAA is not available

Dot1x guest VLAN on 2960G

User account disable on ACS 5.X

Configuring Cisco ACS 5.1 with Juniper Netscreen Firewall wit Radius & Tacacs+

Unable to SSH ASA from outside interface

ACS 5.0 Design

Get ready! Great things are coming to Cisco Community

New name, same great product: Cisco Spaces

Congratulations to the July 2022 Spotlight Award winners!

PxGrid - Learn MAB Authentication Username

Endpoint abandoned EAP session and started new

Tenable ISE Integration

Can AnyConnect ISE posture popup action be changed?

ISE 3.0 Agentless Posture issue

ISE WLC - Assign interface to client

Kerberos SSO for ISE Sponsor Portal

Cisco ISE API's for CoA

CISCO ISE NAD API export for scheduled nackup

ISE Guest portal redirect