Network Access Control

Resolved! ACS Appliance 4.2 - Internal database replication Problem

hellow i'm yunchoul jung in koreanow i'm configuring ACS Appliace 1113 ver4.2 in internal database replication, Primary and secondary ACS server can not repliacate the database because of the default SELF(127.0.0.1) configuration in network configura...

Resolved! ASA 8.2(3): can't "enable" TACACS ACS4.2 user with privilege level 10

I can't seem to enable in ASA with a non-15 privilege level user configured in ACS 4.2 (tacacs).When I enable in IOS device, it enables and "show privilege" shows level 10 as expected. ACS should be configured correctly as it works fine with IOS. Use...

private key file from acs 3.3

Hi All , I have my SSL server certficate on my old acs 3.3.along with private key file , How i can export this private file with .pem extension from windows 2000 server , This private key file is not identified under certficate mmc console ...

password issue on ACS5.0

HelloI am now locked out of the ACS due to entering the following command:username admin password hash x2D35G37 role adminThe password will not work now.I thought the mistake was that I had made was a hash of it :-)i.e . the password I would need to ...

ASA5510 and ACS issue

For some odd reason we have one cluster of ASA lose connectivity with ACS. Sometimes we can log in using our TACACS accoutn, other times local, but what is most annoying.Fallback authorization. Username '' not in LOCAL databaseCommand authorization f...

vpn authentication

Hi,I am using ASA 5520 for VPN remote access. How I tell ASA to use TACACS first then LDAP when authenticating VPN users.Is there a command for that or how to do it using ASDM.Thanks,

SSH local user priv 15

I am trying to configure an ASA 5505 running 8.3 to allow a priv 15 local user to be able to ssh into the device and be placed into priv 15 mode without having to execute the enable command and type the enable password.Right now when you log in as a ...

Resolved! Migrating the existing database from ACS win 3.3 to ACS appliance 4.2.15

Hi All,Can anyone suggest me how to migrate the db from acs windows 3.3 to acs appliance 4.2.15.We are replacing win 3.3 to appliance 4.2.15 as a part of end of life. So we have the eap-tls/peap authentication.It has the huge records. So suggest me t...

ACS bajo 802.1x

Hola,Estoy trabajando un escenario de control de acceso bajo 802.1x con ACS integrado a un AD, tengo 1 sede principal (donde se encuentran los ACS: Principal y redundante) y 05 sedes remotas a traves de una WAN, al respesto tengo alguna consulta¿Que ...

Resolved! ACS 5.2.0.26 Retrieving the CRL list from MS Certification Authority

Hi we are have issue retrieving the CRL.Similar example of what we have as our URL for our CRL in the issuing and root certificate on the ACS.http://xyz-ca-issuer.com./CertEnroll/xyz%20Root%20CA.crlI have seen a posthttps://supportforums.cisco.com/do...

Shell Command Authorization Sets ACS

hi i followed this guide step by step http://www.cisco.com/en/US/products/sw/secursw/ps2086/products_configuration_example09186a00808d9138.shtmlbut still all my user can use all the commands ! version 12.4 service timestamps debug datetime msec serv...

ACS Location Access Control.. How?

I have spent 2 days trying to get Location based access working and can't figure it out. I have ACS 5.2 installed. My setup is as follows. 6 Locations2-3 Administrators per location then 3 Administrators for all locations. We want to grant access...

Latency demands between a hosted AAA solution and remote sites

Hi!We are about to deploy a Cisco Wireless solution on various remote sites for a customer connected to our MPLS network. There will be WLCs on some of the remote sites. At the central Hub site we will deploy ACS for managed authentication. Does any ...

Tacacs authentication fails for one user account for only one switch

Hi,I am having an scenario, where as Tacacs authentication fails for one user account for only one switch.The same user account works well for other devices.The AAA configs are same on every devices in the network.Heres the show tacacs output from th...

Resolved! Simple SSH Access-List Question

I am enabling SSH access for all of our Cisco devices and want to restrict access to just the following ip addresses: 192.168.200.1-192.168.200.50. I forgot the exact access-list configuration to accomplish this. The subnet is /24 and I don't want ...

Network Access Control

Forum Posts

Resolved! ACS Appliance 4.2 - Internal database replication Problem

Resolved! ASA 8.2(3): can't "enable" TACACS ACS4.2 user with privilege level 10

private key file from acs 3.3

password issue on ACS5.0

ASA5510 and ACS issue

vpn authentication

SSH local user priv 15

Resolved! Migrating the existing database from ACS win 3.3 to ACS appliance 4.2.15

ACS bajo 802.1x

Resolved! ACS 5.2.0.26 Retrieving the CRL list from MS Certification Authority

Shell Command Authorization Sets ACS

ACS Location Access Control.. How?

Latency demands between a hosted AAA solution and remote sites

Tacacs authentication fails for one user account for only one switch

Resolved! Simple SSH Access-List Question

Cisco ISE posture policy match orders

NetFlow Probe Profiling – Missing IP and Port in ISE Context Visibili

Default Route SGT

PX Grid Connector and Service NOW

ISE Posture: secure client stops posture synchronization

Mac Authentication Bypass (Credential Failure)

I have a question regarding the ise license.

Posture Policy for Wired & Wireless endpoints

ISE 3.3 patch 4 to patch 6

User Can't change Password even we enable Allow password change