Network Access Control

NAC and ACS

Hello,We plan to implement NAC but it's really a new thing for me.We'll setup NAC appliance and use AD for authentication.Do we need ACS when setting up NAC appliance or is it only needed with NAC framework?

Resolved! AAA on Async Lines

HiWe have async lines between 2 sites to stream SCADA type informationWhen we have applied AAA Tacacs to routers this has been no problem until lines are reset then I guess as EXEC sets up connection it fails as no AAA authentication.Due to criticall...

Resolved! Cisco ACS 5.2: How to make "service account" exempt from password lifetime policy

we have a policy on ACS to disable user account (Internal user identify store) after X days if password is not changed.However, it creates challenges for "service accounts" from NM servers. My goal is to exclude those service accounts from changing p...

ACS with CAC/Smart Card Authentication

I have configured ACS 5.1 to authenticate a wireless user via EAP-TLS using the predefined Certificate Authentication Profile within ACS, but I don't understand how it is successfuly authenticating users. Is it simply trusting any user that presents ...

Resolved! ASA 5520 - VPN Access Control Using LDAP

I am configuring an ASA 5520 for VPN access. Authorization & Authentication use an LDAP server. I have the tunneling configured successfully, and I can access internal resources. What I want to do now is to restrict access to a specific AD Group m...

bulk upload mac address to ACS4.2

Hello,Customer is running acs4.2 and need to upload thousands of mac addresses in ACS database for MAB. how can this be done? does cisco suport csv file import in acs4.2 or any other utility?Thanks for your help in advance.

Radius Authentication in ACS 5.2 with AD

Friend,I have a questión about radius authenticaction with AD, when I log in into the network with user in AD and I make a mistake in password my radius authenticaction event in ACS 5.2 dont show me this logg. only show the authentication succeeded b...

CSLog service not started

Hi,I used ACS 4.2.1.15 on windows 2008 SP1, found CSLog service not started. I try to restarted but service was started for while and went to stopped.How should i do to start this service? Thanks and appreciated for any idea.

Upgrade to 5.2

Am I entitle to upgrade from 5.1 to 5.2 by having smarnet on my 1120 Secure ACS Appliance?

Resolved! Machine based authentication using EAP-TLS, MS CA, and ACS 5.2

I've been using ACS 4.2 for Windows for a couple of years now and I'm fairly comfortable with it. The 5.2 model is alot more different than what I was anticipating. We have downloaded the 90 day trial in our lab and I'm trying to get 802.1x wired w...

MAC Authentication bypass on ACS 5.1

Hello,I am very new to the 802.1x world. The customer wants to configure MAC Authentication bypass. Now for configuring MAB, I am aware that they should be already be having 802.1x in their network.I have read a couple of documents pertaining to the ...

ACS 5.1 & Tons of Domain Controllers Behind Firewalls

We have ACS 5.1 deployed in a large environment where we have two local domain controllers and boat loads of other domain controllers outside of our administrative domain behind multiple firewalls. When joining ACS to the domain we had troubles. Debu...

Cisco AAA and Free Radius enable secret failure

Hi,I am currently testing aaa authentication with free radius.I can authenticate users through the radius server, however i cannot authenticate the enable secret.Here is the router configurationsaaa new-model aaa authentication login default group ...

Two factor authentication on Cisco ACS 4.x / 5.x

I would like to konw does Cisco ACS 4.x / 5.x natively support Two factor authenication, but not act as a Radius Proxy?

ACS 5.1 NTP synchronized to Local

Hello, I'm trying to synch time in an ACS 5.1 but after configuring with the ntp server command the show ntp command displays that time is synchronised to local net at stratum 11.The ntp source is a Windows 2003 server and the show ntp command shows ...

Network Access Control

Forum Posts

NAC and ACS

Resolved! AAA on Async Lines

Resolved! Cisco ACS 5.2: How to make "service account" exempt from password lifetime policy

ACS with CAC/Smart Card Authentication

Resolved! ASA 5520 - VPN Access Control Using LDAP

bulk upload mac address to ACS4.2

Radius Authentication in ACS 5.2 with AD

CSLog service not started

Upgrade to 5.2

Resolved! Machine based authentication using EAP-TLS, MS CA, and ACS 5.2

MAC Authentication bypass on ACS 5.1

ACS 5.1 & Tons of Domain Controllers Behind Firewalls

Cisco AAA and Free Radius enable secret failure

Two factor authentication on Cisco ACS 4.x / 5.x

ACS 5.1 NTP synchronized to Local

NetFlow Probe Profiling – Missing IP and Port in ISE Context Visibili

Default Route SGT

PX Grid Connector and Service NOW

ISE Posture: secure client stops posture synchronization

Posture Script Condition–Fails to Connect When SHA-256 Fingerprint Add

ISE 3.3 system certificate update

ISE Polcy Question

Downtime for certificate renewal - ISE 3.2

ISE Profiling Conflict

Scenario ISE-Pri dead and promote ISE-Sec to Primary