Network Access Control

AC S 5.1 Administrator report

We are using ACS 5.1 How can we view the administrator logins? When I generate a 30 day report through Monitoring and Reports>ACS Instance > ACS Administrator Logins, the report is blank. Yet we have had many administrators logins.

Resolved! command authorization for ASA

Hi all I have configured ASA firewall for command authorization with ACS.For users with privilege level 15 it is working fine.But when i login with users with privilege level 0, first when i enter the username and password ,it enters into enable mo...

Cisco ACS 5.1 - Generate Reports

All,I need to provide a user that has access to ACS restricted to generate reports only, and I want to release only a single report and that the user can not create new reports and not change what is available.Is It possible?Thanks!--Rafael Trujilho

Resolved! TACACS+ and RADIUS - Does either care about hostname?

When first experimenting with TACACS+, I remember changing the hostname on a router and having it cause issues with authentication. Is it normal for TACACS+ to use a devices hostname as part of the authentication process? What about RADIUS?

Using TACACS+ auth from ACS 5.1.0.44 to ACE. Having Issues with Shell (Exec)

Using TACACS+ auth from ACS 5.1.0.44 to ACE. Having Issues with Shell (Exec)So I am trying to get TACACS+ auth to work for my ACE.The command string that I have on the ACE is as follows:tacacs-server host 172.16.101.4 key 7 XXXYYYZZZ timeout 15aaa gr...

Resolved! NAC Guest Server - how to reactivate suspended users

I am wondering if it is possible to reactivate suspended users.My customer wants to set up guest users for external consultants who are on site for a few weeks every year. He does not want to set up new users every year, instead reactivate the suspen...

Catalyst WS-C2960G-48TC-L and dot1x

hello, i have a WS-C2960G-48TC-L switch with (C2960-LANBASEK9-M), Version 12.2(53)SE2 IOS. I need to configure on his interfaces dot1x, but is not active all de options on the interface dot1x submenu:C2960G(config-if)#dot1x ? credentials Credent...

Resolved! rejected mac addresses are not placed in guest vlan

Hi all,I am kind of new to switches and learned a lot by reading the documentation sites. My job is to enable aaa authentication on our Cisco switches, we have a 3750stack, a couple of 3560s and some 3550s. I am testing on one of the 3560s, a WS-C356...

ACS SE 4.2 and Time sync problems

Hello,we have several ACS SE 4.2 (Release 4.2(0) Build 124 Patch 17) and I can not make any of these devices to sych their time through ntp.System Configuration -> Appliance Configuration -> NTP Synchronization Enabled -> NTP serversAfter I've speci...

switch>en % error in authentication

Hi All, Can anyone tell me to configure enable password in ACS 4.2.Initially I configured username and password for login authentication in ACS 4.2.Please have a look the below command i have given to switch:aaa authentication login default g...

ACL in NAC-L2-IP on Catalyst 3750

Hello Team,I have problem with NAC-L2-IP on Catalyst 3750. Posture validation comes successfully , host assigned Healthy token (or Quarantine, depends of what I put on ACS). I use profile-based NAC-L2-IP Network Access Profile along with default Down...

[ASK] ACS accounting for WEB GUI configuration change

Hi,I want to ask if the ACS accounting can be used to log any changes made in web base configurations like ASDM / PDM (for FWSM and ASA) and ACE web GUI. As I know that ACS accounting can log all the change made in CLI.Warm Regards,Charles Chia

Resolved! TACACS + Command Logging Problems

All,Working on a problem that I'm having getting command logging setup for my switch / router infrastructure. Below is my config, authentication is working, both console & SSH. Authorization is also working. Some of my accounting features are work...

Resolved! ACS 5.2 selection policy/access service attribute question

helloi'm using ACS 5.2.0.26 and have created Service Selection Policys to authenticate wireless PEAP clients based on the domain suffix used by the clients. if i use the RADIUS attribute RADIUS-IETF:User-Name to do this, am i right in saying that thi...

RSA authentication with LDAP group mapping

Greetings, I'm trying to set up RSA authentication with LDAP group mapping with ACS Release 4.2(1) Build 15 Patch 3. The problem I'm having is that my users are in multiple OU's on our AD tree. When I only put our base DN in for User Directory Subtr...

Network Access Control

Forum Posts

AC S 5.1 Administrator report

Resolved! command authorization for ASA

Cisco ACS 5.1 - Generate Reports

Resolved! TACACS+ and RADIUS - Does either care about hostname?

Using TACACS+ auth from ACS 5.1.0.44 to ACE. Having Issues with Shell (Exec)

Resolved! NAC Guest Server - how to reactivate suspended users

Catalyst WS-C2960G-48TC-L and dot1x

Resolved! rejected mac addresses are not placed in guest vlan

ACS SE 4.2 and Time sync problems

switch>en % error in authentication

ACL in NAC-L2-IP on Catalyst 3750

[ASK] ACS accounting for WEB GUI configuration change

Resolved! TACACS + Command Logging Problems

Resolved! ACS 5.2 selection policy/access service attribute question

RSA authentication with LDAP group mapping

Cisco ISE-V-3.3.X: CSCuj78705 >Schedule Report Attachment through mail

ISE Machine / User Authentication Questions

secure LDAP not working via ISE DACL

External Radius with dACL

Necesito configurar un portal de invitados "hibrido" en ISE 2.7

Cisco ISE PEAP to TEAP Auth Policy Set

Cisco ISE on Azure Cloud

CSCwn25013 - ISE 3.2 P7: Patch install breaks db-reset

Sponsor Portal behavior after SSO

whats the difference between EAP-TLS and TEAP ( EAP-TLS )