Network Access Control

We are planning to use Cisco AnyConnect Network Access Manager as a 802.1x supplicant for our wired network as we ran into issues with  Microsoft native supplicant. There are certain advantages in using inbuilt supplicant on Windows as one can get de...

hi guys,     when i try to enable acs migration web interface,i got the error message as below,anybody would be help on it,thanks in advance!acs52/admin# acs config-web-interface migration enableFailed to modify webapp statepasted the logging as belo...

We are using Microsoft IAS Radius server for authentication to a large number of Cisco routers in our organization. Is it possible to log the commands that are entered on routers (Whether console or telnet session) for audit purposes? If so, is the...

Hello,I am running ACS 5.4.0.46.4.  I am creating command sets to restrict access for a certain group of users.  Is there any way to restrict them from accessing a specific interface (Gi1/1/1 for instance)?  I tried putting a "deny interface GigabitE...

Hi..We are deploying ISE 1.1.1 for an enterprise customer. Having some doubts about postering. Customer wants to check windows update as part of posture check. What I understood, ise supports only wsus. There is a predefined rule pr_WSUSRule,which ca...

Hi All,Its a Cisco Acs 1120 device having version 5.0.I have cerated three basic user group which having privillage leve 15,10 and 1 on ACS Tacacs+.My configuration for AAA on Switch is as followsaaa authentication login default group tacacs+ localaa...

Hello,Every couple of months or so our primary CDA server stops mapping and starts generating "Too many open files" errors (around 50 errors per second).This is the error:Log attributesevent exception exception-stack java.net.Socket.createImpl(Socket...

Could someone please clear up the topic regarding ACS and certificate key lengths for PEAP?  I have not been able to confrim through research.  In the ACS documentation, it states that using a key length of >1024 will not work - it will appear to pas...

I have recently set up a similar network using Ruckus equipment; however, need to do it now with Cisco...I have a multiple SSIDs associated to different VLANs broadcasting.  I would like to configure a single Radius server pointed to my NPS server an...

Dearsi have issues profiling the Cisco ip phones , it's profiled as "PROFILED"  the only probes i enabled on switches and ISE is Radius and now i know the i need to enable CDP device sensor so it can be sent via Radius accounting but i can't find the...

Dear All Experts in ACS,I need your advice whether ACS has such capability in controlling access to a group of devices in time-based.My client had restrict the change windows starting from 00:00 - 06:00 midnight, to comply toward this restriction. We...