Network Access Control

Resolved! Disabling weak protocols in ACS 4.2?

This may be old hat by now but can someone confirm or deny that the SSH server on ACS4.2 can be configured to avoid client negotiation with weak protocols? I'd like to ensure that SSHv1 cannot be used. If it (SSHv1) can be disabled, exactly how is th...

Resolved! how should i patch acs se 4.2?

Hello people,I have cisco 1113 with acs se 4.2.0.124 with no patches installed. Should i install all patches one by one or just install the final patch?Thank you,Serik

ACS 5 EAP-TLS WLC Issue

I have a wireless environtment with Cisco WLC 5508 and some AP. I am using an ACS 5 has an external database of Active Directory. I also using a Windows Server 2003 as a Certificate Authority.I tried using PEAP(MSCHAPv2) and the client successfully a...

Internal DB replication Problem

Hi There,I have one ACS SE 1113 and another SE1112. Both devices are running 4.2.0.124. I setup both devices and had replication working properly local just yesterday. The 1113 was on one subnet and 1112 on another. It worked perfect. I moved the...

Radius AAA authentication

I couldn't find anything relevant, but apologies if it has already been answered.Is there any way of encrypting the traffic between a switch and a radius server when using radius to authenticate switch logins? As far as I can tell the traffic is pass...

decrypted tacacs-server key

Hi,does anybody know if I can use a encrypted algorith for password in order these password cannot be decrypted with any software? When I use "service password-encryption" command, password is encrypted with a Cisco proprietary weak encryption algori...

Resolved! feature "Proxy Distribution Table" in ACS 5.2?

Hello!Is it possible to have something similar to the ACS 4.2 proxy distribution table in ACS 5.2?I need to authenticate my users with ACS against AD and let guests authenticate against external radius proxies.In 4.2 I manage this with the proxy dist...

Is it possible to change password at first login in ACS 5.1 via radius?

HiIn ACS 5.1, when defining the users, you can click on "change password on first login". So far, when the user is created this way, it is not even allowed to log in with the assigned password, and as a result it is not asked to change the password e...

ASA cut through proxy with RADIUS challenge response?

Have this working for IPSEC VPN on same box (tested on 8.2.1 and 8.2.3)Want to do cut through proxy with challenge response - same ASA and same RADUIS server but using aaa authentication match command and this is what happens...It looks like the ASA ...

Logging in to a Nexus 5000 and UCS Manager via ACS

Hi all,I have an environment with Nexus 5000's and 6000's that are running UCSmanager. My problem is that it seems that the two switches both use theCisco-AV-Pair but have different roles associated with admin level privs. For example, I have succes...

attribute definition syntax

Hi !I planned to migrate our MDS switches to TACACS+ for AAA services. I the documentation I find some different way to defining attributes :http://www.cisco.com/en/US/docs/storage/san_switches/mds9000/sw/rel_2_x/fm/configuration/guide/radius.html#w...

Command Authorization in ACS 5.0

Hi,Can anybody route me to configuration example for command authorization in routers or switches or firewall for ACS 5.0.ORUSER-A should be placed in privilege level 2 and given access to all debug commands and the undebug all command.Assigned speci...

Internal Error: ACS and AD authentication

HiI have done my VPN user authentication with user database on AD via ACS. The version of ACS appliance is 4.2.1.15 on 1120 platform.All configuration done, but problem arises when user first time authenticates, I got message in ACS in failed attempt...

ACS 5.x - Health Status

Good morning everybodyCurrently I have installed 2 ACS 5.x with one of them defined as primary. When checking the health status of the 2 devices via "Monitoring and Reports - Dashboard" I get an "Status not available" for the secondary device which o...

Does ACS 4.2 work mysql ?

Hi,I want to authanticate to user on mysql. In my system ACS is Radius server and MySQL is the user database. I use the ODBC connector on ACS.When I configure ODBC authentication on ACS, take a error " DSN successfully connected. Driver reports proce...

Network Access Control

Forum Posts

Resolved! Disabling weak protocols in ACS 4.2?

Resolved! how should i patch acs se 4.2?

ACS 5 EAP-TLS WLC Issue

Internal DB replication Problem

Radius AAA authentication

decrypted tacacs-server key

Resolved! feature "Proxy Distribution Table" in ACS 5.2?

Is it possible to change password at first login in ACS 5.1 via radius?

ASA cut through proxy with RADIUS challenge response?

Logging in to a Nexus 5000 and UCS Manager via ACS

attribute definition syntax

Command Authorization in ACS 5.0

Internal Error: ACS and AD authentication

ACS 5.x - Health Status

Does ACS 4.2 work mysql ?

UserPrincipalName not showing in ISE Log for certain user

CISCO NAM installation by iso generated by System Center

can i USE 2 CISCO ISE posture policy in same time with 2 Anti malware

High Response time for Entra ID TEAP with ISE

Cisco C9200-M Meraki agent posture support - ISE integration

Cisco ISE 3.4 Ports for Elastic Search

Cisco ISE TACACS+ MFA

Cisco ISE Guest Portal and Ruckus One wireless

ENTRA ID Registered Devices

Cisco ISE PAN License