Network Access Control

Resolved! Cisco ACS 5.3 connect to multiple identity stores / external database?

Hi ThereI understand that Cisco Secure ACS 5.3 supports the integration with existing external identity repositories such as Windows Active Directory and LDAP servers. In fact, in my environment, my ACS 5.3 is now integrated with AD and RSA.My questi...

Monitoring Cisco ACS 1121 via SNMP

Hi,I have 5 installations of ACS appliances (ACS 1121 running ACS 5.3). Is there a way to monitor them via SNMP? The AD client keeps dying on one of them, and even with the newest patch it's not up. Also, i want to monitor them up/down, CPU, memory.....

Cut through proxy for servers in DMZ only

I have this working with Microsoft RADIUS server however I only want to restrict access to one server sitting in the DMZ using this method and once users authenticate they can RDP to the server. When I apply all the settings I lose all access oth...

Resolved! ACS 5.3 Default Backup Password

When doing a backup on any of the ACS 5.x appliances by default the backup is encrypted with PGP. What password is used for that? Is it configurable?

ACS loses connection with AD occasionally after upgrade from 5.2 to 5.3.0.40

ACS had been integrated with Active Directory before ACS upgrade to 5.3. After the ACS 5.3 upgrade users aren’t able to login to AAA devices occasionally. Error message is:{AuthenticationResult=Error; Type=Authentication; Authen-Reply-Status=Error; }...

How to best switch 4.2 design to 5.3 scaleable model

Hi All;I am somewhat a Newbie with ACS, and am trying to document, resolve and understand a 4.2 implementation in preparation for an upgrade to current version.In our system we might have 20 engineers, some of whom need access to some of 10 service g...

Resolved! cert

Is there anyway to get rid of the cert. warning when somebody connects to wireless or I need real certs?

ACS 5.2 - Clock Skew Error

Dear Folks, I have 6500 VSS Core Switch configured as NTP Server .I have installed ACS 5.2 vmware and sucessfuly integrated with the AD . I have noticed in some case, i lose connectivity between ACS and AD and when i say test connectio...

Cisco ACS5.3; differentiating between WebVPN and IPSEC Radius Authentications from a ASA

I am using Cisco ACS5.3 to authenticate users (using radius) for a cisco ASA firewall for both WebVPN and IPSEC client connections. I have been able to do this successfully. However I need to be able to deply Cisco vendor specific attributes (VSA) ...

Resolved! ISE Splash Page

I am trying to force a Splash Page/Acceptable Use page for all authenicated users on the ISE appliance. I have uploaded the html file and created an AUP on the ISE appliance. However, I am not sure how to redirect all users to the page or what the ac...

Resolved! NAC agent on Wireless runs everytime we switch controllers

Hello all, we are seeing an issue in our enviroment and wanted inquire about it. We have a Cisco wireless infrastructure in place here - 2 5508 controllers and approx 200 3502 AP's. We have the AP's split evenly between the 2 controllers. We ba...

ACS authentication question

I have a Cisco Secure ACS giving port access to approved MACs. I am wondering how the process works. We recently replaced all the PCs in our organinzation. After the new PCs were deployed, we removed all the MACs from the ACS. I noticed today tha...

ACS 1113 NAR related problem.

Hi,I have configured user level NAR in my ACS 1113 SE running with 4.2.0.124(No patch). The routers and switches which are permitted in NAR are accessble as per configuration and the devices which are not configured are not accessble. I mean to say ...

Resolved! ACS Rules based on Wireless SSID?

As part of our BYOD policy, mobile phones are supposed to only use certificates for authentication, but they are using MSCHAP and cached creds to authenticate without a certificate. I think that I can fix this in ACS by creating a rule that PERMITS a...

ASA and LDAP

Hy everyone!I have an ASA talking to an LDAP to perform the VPN logins. So far I have this configuration working fine:ou=ciscovpn,o=exampleSo every user under ou CiscoVPN can login. But now I have a problem: there are several users in different ou wh...

Network Access Control

Forum Posts

Resolved! Cisco ACS 5.3 connect to multiple identity stores / external database?

Monitoring Cisco ACS 1121 via SNMP

Cut through proxy for servers in DMZ only

Resolved! ACS 5.3 Default Backup Password

ACS loses connection with AD occasionally after upgrade from 5.2 to 5.3.0.40

How to best switch 4.2 design to 5.3 scaleable model

Resolved! cert

ACS 5.2 - Clock Skew Error

Cisco ACS5.3; differentiating between WebVPN and IPSEC Radius Authentications from a ASA

Resolved! ISE Splash Page

Resolved! NAC agent on Wireless runs everytime we switch controllers

ACS authentication question

ACS 1113 NAR related problem.

Resolved! ACS Rules based on Wireless SSID?

ASA and LDAP

Congratulations to the Event Top Contributors Class of 2024!

Cisco + Splunk: It's a new day for your data.

A new chapter of the Spotlight Award begins!

Join us in Celebrating the New Year and the Nov.-Jan. Winners!

Announcing Resources That Guide You to Success

Profiling Wired Endpoints without 802.1x or MAB using IBNS2.0

"Change Password" functionality

ISE and DuoProxy failmode=safe issue

BYOD client provision failing with NDES role on Windows 2019

Cisco ISE - ANC leveraging integrated AMP - Isolation

Is this possible: Static MAC Entry skipping 802.1x authentication

ISE GUI showing cannot reach page and refused to connect

ISE 3.2 p3 - Cert based Machine auth does not work

ISE Cert Question

ThinkPad Universal USB-C Smart Dock with multiple MACs