Network Access Control

Resolved! TACACS+ and RADIUS - Does either care about hostname?

When first experimenting with TACACS+, I remember changing the hostname on a router and having it cause issues with authentication. Is it normal for TACACS+ to use a devices hostname as part of the authentication process? What about RADIUS?

Using TACACS+ auth from ACS 5.1.0.44 to ACE. Having Issues with Shell (Exec)

Using TACACS+ auth from ACS 5.1.0.44 to ACE. Having Issues with Shell (Exec)So I am trying to get TACACS+ auth to work for my ACE.The command string that I have on the ACE is as follows:tacacs-server host 172.16.101.4 key 7 XXXYYYZZZ timeout 15aaa gr...

Resolved! NAC Guest Server - how to reactivate suspended users

I am wondering if it is possible to reactivate suspended users.My customer wants to set up guest users for external consultants who are on site for a few weeks every year. He does not want to set up new users every year, instead reactivate the suspen...

Catalyst WS-C2960G-48TC-L and dot1x

hello, i have a WS-C2960G-48TC-L switch with (C2960-LANBASEK9-M), Version 12.2(53)SE2 IOS. I need to configure on his interfaces dot1x, but is not active all de options on the interface dot1x submenu:C2960G(config-if)#dot1x ? credentials Credent...

Resolved! rejected mac addresses are not placed in guest vlan

Hi all,I am kind of new to switches and learned a lot by reading the documentation sites. My job is to enable aaa authentication on our Cisco switches, we have a 3750stack, a couple of 3560s and some 3550s. I am testing on one of the 3560s, a WS-C356...

ACS SE 4.2 and Time sync problems

Hello,we have several ACS SE 4.2 (Release 4.2(0) Build 124 Patch 17) and I can not make any of these devices to sych their time through ntp.System Configuration -> Appliance Configuration -> NTP Synchronization Enabled -> NTP serversAfter I've speci...

switch>en % error in authentication

Hi All, Can anyone tell me to configure enable password in ACS 4.2.Initially I configured username and password for login authentication in ACS 4.2.Please have a look the below command i have given to switch:aaa authentication login default g...

ACL in NAC-L2-IP on Catalyst 3750

Hello Team,I have problem with NAC-L2-IP on Catalyst 3750. Posture validation comes successfully , host assigned Healthy token (or Quarantine, depends of what I put on ACS). I use profile-based NAC-L2-IP Network Access Profile along with default Down...

[ASK] ACS accounting for WEB GUI configuration change

Hi,I want to ask if the ACS accounting can be used to log any changes made in web base configurations like ASDM / PDM (for FWSM and ASA) and ACE web GUI. As I know that ACS accounting can log all the change made in CLI.Warm Regards,Charles Chia

Resolved! TACACS + Command Logging Problems

All,Working on a problem that I'm having getting command logging setup for my switch / router infrastructure. Below is my config, authentication is working, both console & SSH. Authorization is also working. Some of my accounting features are work...

Resolved! ACS 5.2 selection policy/access service attribute question

helloi'm using ACS 5.2.0.26 and have created Service Selection Policys to authenticate wireless PEAP clients based on the domain suffix used by the clients. if i use the RADIUS attribute RADIUS-IETF:User-Name to do this, am i right in saying that thi...

RSA authentication with LDAP group mapping

Greetings, I'm trying to set up RSA authentication with LDAP group mapping with ACS Release 4.2(1) Build 15 Patch 3. The problem I'm having is that my users are in multiple OU's on our AD tree. When I only put our base DN in for User Directory Subtr...

Unknown CA failure on ACS express

Hi forumersi try to let user access to the network authenticate using ACS express, then map to the AD server. somehow i get the error from the authentication report is FAILURE REASON: UNKNOWN CAi try and use self-singed certificate, then download the...

ACS 4.2 access que

Hi,how to take out full access to the device on perticular date and give read only access from that date...sorry...im new to acsThanks...

Managing ACS

Is there a way for me to put in community strings through the web interface for ACS? or do I have to console in?Thanks

Network Access Control

Forum Posts

Resolved! TACACS+ and RADIUS - Does either care about hostname?

Using TACACS+ auth from ACS 5.1.0.44 to ACE. Having Issues with Shell (Exec)

Resolved! NAC Guest Server - how to reactivate suspended users

Catalyst WS-C2960G-48TC-L and dot1x

Resolved! rejected mac addresses are not placed in guest vlan

ACS SE 4.2 and Time sync problems

switch>en % error in authentication

ACL in NAC-L2-IP on Catalyst 3750

[ASK] ACS accounting for WEB GUI configuration change

Resolved! TACACS + Command Logging Problems

Resolved! ACS 5.2 selection policy/access service attribute question

RSA authentication with LDAP group mapping

Unknown CA failure on ACS express

ACS 4.2 access que

Managing ACS

Cisco ISE posture policy match orders

NetFlow Probe Profiling – Missing IP and Port in ISE Context Visibili

Default Route SGT

PX Grid Connector and Service NOW

ISE Posture: secure client stops posture synchronization

ISE pxGrid client/server certificate creation and renewal

not able to export scheduled reports to repository

Mac Authentication Bypass (Credential Failure)

I have a question regarding the ise license.

Posture Policy for Wired & Wireless endpoints