Network Access Control

Multiple VPNs in ACS 5.2

Hi,I'm trying to setup a system like this. I've to vpn groups defined in the router. Authentication is done via 5.2My question is, how can i lock a vpn group to a user group in ACS so that a user cannot connect to vpn if trying to connect from the ot...

POD on Cisco 3845 to Radius Server

I have configured my Cisco 3845 with aaa for Radius acc/auth, however, with POD i get the following error: no matching session,Can someone assist me?THIS IS THE WHOLE CONFIG FOR RADIUS - AAA:3799 UDP port for Disconnect Packet to Radius:radius-server...

how to bind AAA group to WLAN on controller

Hi,I have three groups on Cisco ACS 4.2 and threee WLAN on Cisco 4400 controller named sales,marketing and store.now users from sales can access WLAN marketin and have the IP address of marketing vlan, I want to bind acs groups with WLAN.eg. if abc u...

integrate ACS engine with AD

dearsi have ACS Engine version 5.0 and i want to integrate it with MORE than AD . can anyone advise how can i do it.ASAP PLEAS OSAMA

Resolved! ACS 5.2 - Identity Group as Authorization Condition is not working

Hello,I trying use "Identity Groups" as "Compound Condition" in My "Access Policy" Authorization rule:.Result is simple Radius Class attribute which should be passed to SSL VPN gateway (picture is modified to be smaller):Every user in my Radius datab...

Resolved! AAA problem with Nexus

Hi out thereI am trying to get the config right on our nexus switches to use our local ACS server for authentication and command authorization. I of course want to make yuse of a local user-database if the connection to the central ACS server fails. ...

AC S 5.1 Administrator report

We are using ACS 5.1 How can we view the administrator logins? When I generate a 30 day report through Monitoring and Reports>ACS Instance > ACS Administrator Logins, the report is blank. Yet we have had many administrators logins.

Resolved! command authorization for ASA

Hi all I have configured ASA firewall for command authorization with ACS.For users with privilege level 15 it is working fine.But when i login with users with privilege level 0, first when i enter the username and password ,it enters into enable mo...

Cisco ACS 5.1 - Generate Reports

All,I need to provide a user that has access to ACS restricted to generate reports only, and I want to release only a single report and that the user can not create new reports and not change what is available.Is It possible?Thanks!--Rafael Trujilho

Resolved! TACACS+ and RADIUS - Does either care about hostname?

When first experimenting with TACACS+, I remember changing the hostname on a router and having it cause issues with authentication. Is it normal for TACACS+ to use a devices hostname as part of the authentication process? What about RADIUS?

Using TACACS+ auth from ACS 5.1.0.44 to ACE. Having Issues with Shell (Exec)

Using TACACS+ auth from ACS 5.1.0.44 to ACE. Having Issues with Shell (Exec)So I am trying to get TACACS+ auth to work for my ACE.The command string that I have on the ACE is as follows:tacacs-server host 172.16.101.4 key 7 XXXYYYZZZ timeout 15aaa gr...

Resolved! NAC Guest Server - how to reactivate suspended users

I am wondering if it is possible to reactivate suspended users.My customer wants to set up guest users for external consultants who are on site for a few weeks every year. He does not want to set up new users every year, instead reactivate the suspen...

Catalyst WS-C2960G-48TC-L and dot1x

hello, i have a WS-C2960G-48TC-L switch with (C2960-LANBASEK9-M), Version 12.2(53)SE2 IOS. I need to configure on his interfaces dot1x, but is not active all de options on the interface dot1x submenu:C2960G(config-if)#dot1x ? credentials Credent...

Resolved! rejected mac addresses are not placed in guest vlan

Hi all,I am kind of new to switches and learned a lot by reading the documentation sites. My job is to enable aaa authentication on our Cisco switches, we have a 3750stack, a couple of 3560s and some 3550s. I am testing on one of the 3560s, a WS-C356...

ACS SE 4.2 and Time sync problems

Hello,we have several ACS SE 4.2 (Release 4.2(0) Build 124 Patch 17) and I can not make any of these devices to sych their time through ntp.System Configuration -> Appliance Configuration -> NTP Synchronization Enabled -> NTP serversAfter I've speci...

Network Access Control

Forum Posts

Multiple VPNs in ACS 5.2

POD on Cisco 3845 to Radius Server

how to bind AAA group to WLAN on controller

integrate ACS engine with AD

Resolved! ACS 5.2 - Identity Group as Authorization Condition is not working

Resolved! AAA problem with Nexus

AC S 5.1 Administrator report

Resolved! command authorization for ASA

Cisco ACS 5.1 - Generate Reports

Resolved! TACACS+ and RADIUS - Does either care about hostname?

Using TACACS+ auth from ACS 5.1.0.44 to ACE. Having Issues with Shell (Exec)

Resolved! NAC Guest Server - how to reactivate suspended users

Catalyst WS-C2960G-48TC-L and dot1x

Resolved! rejected mac addresses are not placed in guest vlan

ACS SE 4.2 and Time sync problems

Warning : ISE is experiencing latency issues, please check your networ

CSCwp21394 - wired nads failing CTS with error

CSCvv82262 - ISE 3.3 menu missing

ISE Machine / User Authentication Questions

secure LDAP not working via ISE DACL

Deploying an ISE Virtual Machine

ISE 3.2 P7–Context Visibility reset impact

Cert Authentication Profile in ISE

switch to the secondary PAN node

TACACS+ Authentication Succeeds on ISE but Fails on Switch