Network Access Control

We recently deployed this version of ACS. Some of our devices don't allow ssh and are currently configured for telnet only. I have a service selection rule say ServiceSelection1 so that if protocol is tacacs to use TacacsAccessPolicy service. For the...

Dear All,I am using ACS 5.0 version. Devices cannot able to access ACS If I am creating /32 IP device(AAA Client) address in the ACS.When I define subnet for the device e.g. /24 then all devices in the same subnet will start working.Why single IP add...

Hi,We have generated a certificate to be used for PEAP & EAP-TLS on our Primnary ACS.We have a secondary ACS which is replicating configuration, and by design Certificates are not replicated, so can we use the same certificate on the primary on the s...

I have set up Cisco ASA 5505 8.0(3) to use RAIUS server(Microsoft Internet Authentication Service with Active Directory)to authenticate Cisco VPN Client users.This is my config lines related to this setup:aaa-server as_ias_group protocol radiusaaa-se...

HiI installed ACS 4.2 AAA server and wanna to do authenticate user against TACACS. i found one java client library (http://sourceforge.net/projects/jnetlib/  to do the same. my query is that is there any another Open source java client library availa...

Hi EveryoneDid anyone experience a errormessage when updating ACS 3.3 to 4.0?We are using Windows 2000 SP4, and recieved the folling errormessage:ERROR: failed to export user database.Please check there is sufficient diskpace then rerun Setup.Setup w...

I am attempting to install a secondary ACS 5.2 server and would like to exportour Thawte certificate so that I can have EAP authentication on the secondary server as well.  According to Thawte, I should be able to export our CSR and private key file ...

Just changed AAA to use LDAP to MS2K8 AD rather than former RADIUS. Simply added hosts to existing LDAP group through ASDM. It is working fine, but I am getting tons of the following in the logs ... May 29 12:54:14 pix2-inside May 29 2009 12:56:11:...

Hi,I have a question, is it possible for the AAA to disable a account after a certain number of attempts are made for authentication in ACS 5.1?I have seen this option for System Administrator but not for user authentication setting. is there any doc...

Hi,I am looking to enable logs from the Cisco ACS 5.1 to be sent to the CS MARS. This Version of the ACS software is not supported on the MARS appliance. Is there are Work Around ?John

Hi,i'm looking to enable 802.1x on the wired network using EAP-TLS. The radius server will be an ACS5.2 running on the appliance. We'd also need some authorization for different machines - we'd like to use dACLs for that so that machine A will get fu...