Network Access Control

TACACS+ accounting issues on FWSM 3.1(11)

Hi All,I am having a problem with implementing TACACS+ on the FWSM 3.1(11). The issue is, I can add the command "aaa accounting command privilage 15 group-name" but after adding i cannot see the username from the ACS server. The username displayed is...

Resolved! ASA 5505 - Controling Internet Access for Users

Hello All, I have a Cisco ASA 5505 device connecting my LAN to the internet using PAT/NAT. I want to restrict access to the internet on ports 80 and 443 on a per user basis. I.e allow management staff access whilst restricting general staff. I under...

Problem with ACS group mappings

When user login and authenticate through ACS they are dropped into the Group:Default instead of the group that I created for them.I have added wireless to our environment, I want to take advantage of using Radius and 802.1x to authenticate the wirele...

ACS - Network Access Restriction

Hi,We have simple ACS deployment where we have a number of users throughout the world that require access to network devices.At present, I can manage access using custom attributes for specific clients, WCS, WLC's for example.What I want to do is lim...

600GB needed for ACS 5 vmware? Why?

I was looking at the requirements for ACS 5.0 VMware image and it states that the ESX server needs 600GB of drive space and that the ACS VM requires 500GB of virtual drive space.Why is this much drive space really needed? The 5.0 appliance only has ...

Show config not working in ACS "Shell Command Auth set"

To allow an AAA user access to the "show config" command I have created them an account in ACS and assigned the relevant "Shell Auth Set" but it still does not permit them to use it?, I read that this may not be the command that the switch sends the ...

ACS4.1 - More than 15 new services under TACACS+ ?

Hello,if it is possible we want to access all our applications (LMS, WCS, WLSE,...) over the TACACS+ integration and ACS.So we have a lot of "new services" under Interface Configuration -> TACACS+ (Cisco) -> New ServicesIs it possible to add more tha...

Resolved! Problem with MS IAS and AAA

I am configuring AAA . I am configuring a Router so that when users will access it using line vty they should be authenticated by the Active Directory . I have configured AAA on the Router and IAS on Microsoft Windows Server 2003 .But when i type " t...

Resolved! ACS 4.1 External DB with Windows 2008 AD

I have the following scenario:- ACS ver 4.1.1.23 on Windows 2003 Standard with SP2, Domain controller server- The main AD database is running on Windows 2008Does anybody knows if I still need to upgrade from 4.1.X.Y to 4.2.X.Y to be able to authentic...

Unable to allow "show configuration" command

ACS is being used for AAA Authorization, and I have allowed a user to run "show command" but the ACS server always fails the request "saying command unknown"

ACS can't load "Chinese" domain name on the LDAP.

I was use ACS 4.2 and to used external user database by the LDAP.The ACS could load English domain or name. But it couldn't Chinese dommin name.How do I to do ?

EAP-TLS problems Windows XP

We are using Cisco ACS 4.1 for Windows RADIUS server, Windows 2003 PKI, 3750 access switch and Windows XP SP 3 workstations.Problem is that users with user certificate can loging successful by 802.1x. When user logs in without user certificate (but w...

Radius and Windows Server/2008

I am trying to use Radius for Port-Security on a Catalyst 3560; the Radius-Server is a Windows Server/2008.I am not able to get authenticating.This is the Configuration of the Switch:SW-SEDE#sh runBuilding configuration...Current configuration : 2845...

Error 413 Cannot Authenticate

I have about 10 VPN clients connecting to a Cisco ASA 5510. I am getting calls that sometimes people are getting 413 errors here and there. When they out it username and password, the dialog box pops up again and then they get a error 413 cannot auth...

802.1x Authentication in Extreme architecture

Hi all,Objectives :Authenticate a supplicant on a Extreme 802.1x port with an ACS SE 4.2Supplicant = IP PhoneAuthenticator : Switch Extreme 450 EAuthentication Server : ACS SE 1113 4.2.0.124.91) We have done the tests with a Windows ACS 4.2.0.124 and...

Network Access Control

Forum Posts

TACACS+ accounting issues on FWSM 3.1(11)

Resolved! ASA 5505 - Controling Internet Access for Users

Problem with ACS group mappings

ACS - Network Access Restriction

600GB needed for ACS 5 vmware? Why?

Show config not working in ACS "Shell Command Auth set"

ACS4.1 - More than 15 new services under TACACS+ ?

Resolved! Problem with MS IAS and AAA

Resolved! ACS 4.1 External DB with Windows 2008 AD

Unable to allow "show configuration" command

ACS can't load "Chinese" domain name on the LDAP.

EAP-TLS problems Windows XP

Radius and Windows Server/2008

Error 413 Cannot Authenticate

802.1x Authentication in Extreme architecture

On-Demand Webinar: B&M Security Transformation with Cisco XDR

Congratulations to the Event Top Contributors Class of 2024!

Cisco + Splunk: It's a new day for your data.

Knowledge Hub: Cisco Technology for Securing the Enterprise

Announcing Resources That Guide You to Success

Fetch Attributes with Store Procedure Type: Returns Parameter MySQL

Windows virtual machine is Posture COMPLIANT without checking

I would like to inquire about the Password Lifetime in ISE

Cisco Secure Client ISE Posture Scan Summary disappears

How can i set the ISE CLI Admin Password policy

Cisco ISE Azure - 2nd NIC issues for Guest

Unable to authenticate in Console, but can via SSH

Reducing the required Privilege Level to write to memory

AAA Radius Servers

ISE POSTURING Product not found