Network Access Control

Hi All,Is it possible for ACS 5.1 to only allow specific AD users to authenticate the switches and routers?Currently What I have configured is onlyfor all AD users. I can't seem to find a way to be selective.ThanksRegards

Hi,One of our clients need to implement BYOD in their network. They are using Mac servers and clients. The requirement is to authenticate (wireless) users against the Mac directory server, in order to provide access to resources. I am trying to figur...

Im having some trouble with an ISE deployment using MAR, the alternative is to use EAP chaining but this requires Anyconnect 3.1, however i cant find any info on whether the client is suppported on Win7 Embeded (Wyse Terrminals)Help would be apprecia...

I don't understand why a phone I'm using to test my ISE setup get access and works although the MAB authentication is indicated as failed and ISE shows the device was rejected. The phone always stays in DATA domainI have a 3750 in stack with  IOS 12....

Is it possible to run Posture using ISE 1.2 without NAC Agent provisioning?-My customer does not want to push NAC Agent installation on BYOD type of computers (non-managed by the company computers). -The requirement is to check for posture only compa...

Hi,We currently have an issue with NAC agent which is consuming 30-50% of CPU. Version: 4.9.0.33Compliance Module Version: 3.4.27.1OS: Windows 7 SP1 Any ideas what may cause this ?

Hi,i have a 3560 configured with two radius servers .I had a problem so the 3560 switches to the secondary server . Now the first server is now available and working but the switch still sees like "DEAD" .How to force the switch to "re-up" the first ...

hello,before two weeks ago we installed radius server in our network.the other switches in the network are work fine with the radius,the nexus 5k can reach the server with ping, but cant authenticate the users, only local users can access.test aaa se...

I have my router configured to log both successful and Failed logins but I only see the failed in the logs.  Any thoughts.  Logging configuration below:login on-failure loglogin on-success log

Hi dears, I configure Guest portal and PEAP authentication for local wifi users. When I connect guest ssid it is working normal.The guest portal page open and i do self-registration and access internet. But when i want to connect enterprice wifi from...

Hi , Requirement is to configure RA-VPN users to authenticate with ACS 5.4.However each profile needs to be mapped to separate DL within same AD.Means user from DL "A" should be able to log in using profile "A" only not using profile "B". Even if he ...

Once a wireless user is authenticated to a WLAN using CWA and ISE, what are the parameters that can cause the user to be deauthenticated and redirected to the web portal?  The session timeout and user idle timeout in this scenario are set to 24 hours...

Hi all,Question about wired dot1X session termination.After a client successfully done on the wired dot1x authentication, my authZ rule is follow by the VLAN assignement whereby DHCP server will provision a client IP to the PC.But when the client doi...

Hi Community.Sorry, the subject sounds strange, but its hard to tell in few words.Our customer connects with Anyconnec VPN and needs a special login behavior.If our customer has User "xxx" and "yyy" in Active Directrtoy Group "OTP/LDAP Access" the AS...