Network Access Control

Resolved! How to uninstall a license in ACS 5.1

Hi everyone,We have two ACS 5.1 appliances. By mistake we install the same license in both devices and when we tried to register the secondary ACS to the primary ACS it says the the license is already in used in the deployment. Furthermore, it is not...

NAC authentication SSO crashed after update fixes in Win Server2K3

NAC 4.7(2) authentication SSO with Active Directory on WinServer2k3 crashed after update the next fixes:KB2478971 KERBEROS WEAK HASHING ALGORITHMSThis update addresses the vulnerabilities by preventing the use of weak hashing algorithms in b...

Resolved! Tacacs is show the UPD?

Hi,I want to know about the UPD port is open when I do below activity?Router#sh run | in tacacstacacs-server host 1.1.1.1tacacs-server directed-requesttacacs-server key ciscoRouter#sh control-plane host open-portsActive internet connections (servers ...

ACS 5.x AD mixed vs native mode

we are turning off Mixed Mode in our AD environment, a change from which I'm told there is no retreat. Are there any configuration changes that need to be checked to support a 'Native' only AD environment.

Resolved! Cisco IOS-XR with ACS

Hello, my question is if you have to configure the Cisco IOS-XR enabled router (it is a 12k series by-the-by) differently on the ACS side or is it added like any other normal router.

after changing ACS AD domain unable to display groups in new AD domain

Hi,I changed my ACS 5.2.0.26 from a joined active directory to a new active directory domain, everything is ok for the test because i can see in ACS :Joined to Domain:.tp.group.local Connectivity Status:CONNECTEDit means that ACS is connected to AD.N...

Resolved! ACS 5.1 Accounting

HiDoes anyone know how to alter the retention / purge period fot the accounting logs in ACS 5.1.Many ThanksJason

ACS - LDAP TCP Keepalive (v5.2)

reposting as with subject including v5.2:--------HelloI have an ACS 4.2.1.15 patch 3 and Novell Netware LDAP Server separated by a Firewall. The Firewall's default tcp session timeout is 3600 seconds.When no LDAP-Request is made for over one hour, th...

ACS 5.1 Tacacs+ Nexus 5000

Hello,Am having somes problems changing the role of my AD validated user on my nexus.Users are validated against AD then am trying to push AVpair attribut to change the user role to network-admin.All setting are getting assign to my user ( access pro...

Framed-IP-Address in Start Accounting message

We have a 5400 plataform configured with Radius Accounting and I am seeing that the attribute 8 (Framed-IP-Address) appears only in the Stop message.The cuestions is...how i can to do that the attribute 8 will be included in the Start message too?Reg...

Framed-Ip-Address missing in Access-Request & Acct-Start messages

We have a Cisco 7206(IOS12.2(33)) equipment associated with freeRadius server2.1.10. Upon PPPOE client start, dynamic IP is assigned from the IP-Pool to the PPPOE client. However this IP address, is not included in the Frame-IP-Address AVP sent in t...

AAA commad authorization

DudesWe had problem in replicatiing database to secondary ACS (4.2) server, Somehow I've managed to fix the issue by changing firewall inspection and shared secret.Now I've got new issue with "command authorization failed" after successfull authentic...

aaa commands

Hi group ,help me with the following aaa commands1)aaa authentication login default group tacacs+ nonedoes it means if my tacacs server fails , the user will be authorized immediately (no authorization done ) as the next method list is "none"2) aaa a...

Multiple WLAN setup using IAS to authenticate

I have IAS running on Windows Server 2K3 with a WLC 4400 controlling several APs. What I would like to accomplish is this:WLAN 1 - For normal domain users, radius profile set to match on Windows Group Domain Users.WLAN 2 - For Executives, radius pro...

ACS 5.x Backup config

HelloI've been trying to set up my ACS to perform a backup but I'm having some trouble:I set the repository:repository tftp url tftp://10.40.1.102/I run the backup:acsbackup config-ACS repository tftpFailed to perform ACS backup: File transfer error...

Network Access Control

Forum Posts

Resolved! How to uninstall a license in ACS 5.1

NAC authentication SSO crashed after update fixes in Win Server2K3

Resolved! Tacacs is show the UPD?

ACS 5.x AD mixed vs native mode

Resolved! Cisco IOS-XR with ACS

after changing ACS AD domain unable to display groups in new AD domain

Resolved! ACS 5.1 Accounting

ACS - LDAP TCP Keepalive (v5.2)

ACS 5.1 Tacacs+ Nexus 5000

Framed-IP-Address in Start Accounting message

Framed-Ip-Address missing in Access-Request & Acct-Start messages

AAA commad authorization

aaa commands

Multiple WLAN setup using IAS to authenticate

ACS 5.x Backup config

Necesito configurar un portal de invitados "hibrido" en ISE 2.7

Cisco ISE JSON SMS

CSCwn25013 - ISE 3.2 P7: Patch install breaks db-reset

Cisco ISE, no SXP-bindings from session

Occasional delay in assigning ISE SGTs to client traffic on NAD

CSCwn09816 - RADIUS Shared Secret Masking

DNS IP update in ISE

possible to login via web ISE NAC with using Tacacs server ISE

ISE Netscaler Loadbalancing Cross-Service Persistence

How to extract Radius Accounting data/log from Cisco ISE 3.3