Network Access Control

command set for "clear counters"

I am having ACS 5.2. I have to configure a user which would have privilege 7 access and addition to this, a user can run "clear counters" command.how to configure cammand set for "clear counters"?Can i run clear counters by privilege 7?

Cisco VPN Login Fail After Enable Password Management

Hi,I have a VPN setup consist of Cisco ASA, Cisco ACS and a Microsoft LDAP server. The VPN client will be authenticated via the LDAP server and authorized via the ACS.The software version that I am using is 8.4(3).The VPN connection is ok until I ena...

Resolved! ACS 5.2.0.26 with two domains

I am trying to upgrade from a production ACS 4.2 installation that utilizes the Windows server that the ACS is installed on as the underlying authentication mechanism to ACS 5.2 that now joins to the domain. I have read several posts and haven't yet...

Resolved! Anyconnect Secure Mobility Client, Network Access Module, wired PEAP

Hello there,I am testing AnyConnect Secure Mobility Client, Network Access Module as supplicant with PEAP authentication for wired network users. With default configuration it is working well. With default configuration it is Trusting any Root CA ce...

Dot1x clients not authenticated after reload

Hi all,I have a switch setup with dynamic vlan assignment. Everything works fine until the switch is rebooted. Then none of the pc's are authenticated anymore. I have to do a shut/no shut of all the user ports to start the re-authentication of the pc...

Cisco NAC Agent 4.9.1.682 Problems with Mac Os X 10.7.4

HiMy Cisco NAC Agent (version 4.9.1.682) doesn't work since I upgraded my Mac OS X 4 months ago, This happens every time with CISCO and MAC when there is a new update and it always seems to take forever to fix.The NAC agent just keeps asking for my...

ACS 4.2 Certficate installation error

Hai,I am trying to install a certficate on ACS 4.2. These are the following steps that I did.Generate certificate signing requestPut the Certificate subject cn=SRLPrivate key file srl.pvk --------------(This is just a name)Pri...

Resolved! ACS - configure shell commands authorization to work under config mode (conf t)

Hi everyone,I'm trying to configure a shell commnds set such that all commands (including under conf t mode) will be allowed, except for administrative commands, such as write, copy, admin, format etc.It's been working for (most) priviliged mode comm...

Resolved! TACACS+ authentication and authorization on IOS XR

Hi all,I've been trying to connect several IOS-XR devices on our lab (ASR's, GSR's and CRS's) to our TACACS+ server (Cisco Secure ACS, release 4.2(0)). The goal is that the TACACS will manage user authentication and command authorization for all CLI,...

802.1x re authentication problem

Hello,I have problem with 802.1x authentication on switch ports which are configured in "Multi Session" mode. In Single host mode and Multiple Host mode it works just fine.The problem is following, when PC is first connected on switch port it authen...

Resolved! ISE deployment in wireless infra without WLC (only Access Point 1240AG)

Hello All,I am having access point 1240AG and planning to deploy ISE as a exteral radius server. I would like to know how deifferent authorization policy need to configure in AP/ISE. Whether I can use named ACL or VLANs (CoA) as a enforcement types w...

Trouble with Radius (MS NPS) on cisco Switches\Router

All,Thanks in advance. We are setting up a new office and I am trying to get RADIUS setup for authentication to my switches and routers. Currently I am working on a 3750 running IOS 15 and getting hung on what I think on something small. I have at...

ACS - Change Windows Remote Agent Selection

Hello,I've recently tried to change my Primary Remote Agent from ACS to another configure Remote Agent. it's available and in the same domain.This works well but I lose All my Database group Mappings when doing so..The Domain disappears from the list...

Resolved! Cisco Secure ACS 5.3 - Alarm Notification.

Hello.We are using version 5.3 with patch 5. Incremental and full backup are configured but every day we receive an alarm notification.Any ideas?Thanks.Andrea

Resolved! NAM profile editor, Machine Identity pattern

“Machine and User Connection”I am using Anyconnect Profile Editor, and got problem with making pattern for machine Identity. By default it is set to host/[username], the problem is with PEAP machine authentication on ACS I see host/username, Is ther...

Network Access Control

Forum Posts

command set for "clear counters"

Cisco VPN Login Fail After Enable Password Management

Resolved! ACS 5.2.0.26 with two domains

Resolved! Anyconnect Secure Mobility Client, Network Access Module, wired PEAP

Dot1x clients not authenticated after reload

Cisco NAC Agent 4.9.1.682 Problems with Mac Os X 10.7.4

ACS 4.2 Certficate installation error

Resolved! ACS - configure shell commands authorization to work under config mode (conf t)

Resolved! TACACS+ authentication and authorization on IOS XR

802.1x re authentication problem

Resolved! ISE deployment in wireless infra without WLC (only Access Point 1240AG)

Trouble with Radius (MS NPS) on cisco Switches\Router

ACS - Change Windows Remote Agent Selection

Resolved! Cisco Secure ACS 5.3 - Alarm Notification.

Resolved! NAM profile editor, Machine Identity pattern

Python script to run 'application configuration ise' against DevNet

Issue with Posture Agent "Checking for product updates..." 0%

ISE BYOD woth Entra ID failing

NetFlow Probe Profiling – Missing IP and Port in ISE Context Visibili

PX Grid Connector and Service NOW

Cisco ISE 3.2 Application Server stuck in 'Initializing' State

TrustSec approach for AWS workspaces

Catalyst 9300 ios 16.9.1 not Recognizing dot1x switch port commands

TEAP (EAP-TLS) issue with user authentication

CISCO ISE nodes restart unexpectedly