Network Access Control

I can not seem to get this to work, can someone see an error on the cisco side? My thought is it's a Microsoft issue but would like to have my config reviewed anyway. Here is my config:version 12.4service timestamps debug datetime msecservice timesta...

Hi allI've set up my 5540 ASA to accounting commands on TACACS+.Every moviment done through ASDM is logged on TACACS+ by this form: cmd=perfmon interval 10What does that mean?Why doesn't it record the exaclty command I'd issued?Thank you all

Hello, have a problem with http authorization through AAAI have tried this one#aaa authentication login default group tacacs+ local#ip http authentication aaa login-authentication defaultand this#aaa authentication login SUPERLIST group tacacs+ local...

Guys,I have problem my company don't allow internet access but my client use usb modem to access internetCan i block USB modem with cisco NAC (use registry, AD or any other combination)Can u help me guys, Best Regards,- Rizal Ferdiyan -

Hi all,We are using ACS 5.2 to authenticate users from SSL VPN connection. Users can login fine by the username and password created on the ACS, the problem is when we enable the change password on next login check box, users will stop to login. I kn...

Hello! Help me please!Im perform installation Cisco NAC Server 3315 ver. 4.8(2) but after that I cann't connect to Server by https - HTTP 403 Forbidden. And I can connect to NAC Server by ssh.What could be the reason?

Hi all,I have some problems with the VRF that I made and the radius verification.The problem is that it's imposlible to make authentication through the radius server.The debug output is :000103: Nov 17 14:26:02: RADIUS/ENCODE(00000004):Orig. componen...

Hi,I need to configure the ACS 5.1 to meet the following requirement :-1. ACS 5.1 will point to a RSA SecurID as the first authentication mechanism for the validation of user credential2. In the event that RSA SecurID is not reachable, the ACS 5.1 sh...

Dear,Is it possible to get the vlan id of a port of a switch so it can be used in ACS 5.2 policy ?When configuring dot1x, we would like to check which vlan is configured on the switch.Many thanks,Lieven StubbeBelgian railways

Hi All, we are using NAC 4.1 version. I need to get new cert from provider, so need to export CSR again. I've exported CSR and submitted to provider, but they said the CSR  is 2048 bits and needs to be 1024. I don't see any option in CAS GUI page to ...

Hi all,I'm having problems getting EAP-TLS to work when a client machine needs to connect to a WLAN (before logon)I can make the user get a cert from my CA, login as local & connect to WLAN through EAP-TLS without any problem.With admin account I can...

Dear,I will apreciate , if someane has a good guide for 802.1X with ACS 5.2 with Active Directory.THANKS,I

Hi all,i've problem, switch "authorization failed" on every command that i type.Switch#sho runCommand authorization failed.Switch#conf tCommand authorization failed.i only use basic configuration. *attached belowSwitch config :aaa new-model!aaa authe...