Network Access Control

I'm trying to set up AAA accounting for all commands executed on all of my switches. We have a TACACs Server running Cisco ACS v3.1. What commands do I need to enter on my switches for it to send accounting messages to my TACACs server?

New to the group and I do have a situation that I hope someone can help me with. I am trying to set up a lab for one of my courses and I am using XP with Cisco VPN Client 5.0.0.3, a Cisco 2621XM router and Cisco Secure ACS version 4.2 configured for ...

I have "ip tacacs source-interface Vlan1 " in my config because without it enabled I cant ssh in with tacacs. However, with that line in the config, I cant access via https unless I have the line "ip http authentication local"

Hi, I tried to configure MAC authentication for registed users by ACS. But failed. Need help.

Hi,I want to achieve mac based authentication for wired users so that any non-registered mac address can be moved to a different zone from where only http access will be provided, rest all access will be blocked. Once his MAC address is entered into ...

Hi,Software Version: CiscoSecure ACS for Windows 2000/NTRelease 3.0(3) Build 6I've created the ini file below and added it using csutil -addUDV 8 laurel-vsa.ini (tried other slots too). [User Defined Vendor]Name=LaurelIETF Code=5395VSA 1=Laurel-Login...

Hello There,Where does ACS hold all the authenticated user? Is there any way to read these authenticated information? Thanks and regards,Lahki

We have ACS40 in place authenticating users and machines. There is another separate key application in our network, which will grant access to authenticated user only. How can ACS forward/share the live authentication information with other applicati...

I'm trying to setup a Shell command auth set for clearing interface counters but I can't think of a way to do so. Is there a way to do something like:"permit counters interface *"?TIA

I have an ACS 4.1 Windows server running TACACS. It si working on all devices within the enterprise except for one new ASA at a remote site. There is no NAT going on or anything and the ASA can ping the ACS box and the ACS box can ping the ASA.I ad...

We deployed ACS 4.0 (NOT ACS SE) and WLAN in our corporate network.Our ultimate goal is to have each staff authenticated against our AD via ACS.We managed to get PEAP working successfully, but failed with EAP-TLS.From the log we noticed that when PEA...

We deployed ACS 4.0 (NOT ACS SE) and WLAN in our corporate network. Our ultimate goal is to have each staff authenticated against our AD via ACS using EAP-TLS. We managed to get PEAP working successfully, but failed with EAP-TLS. From the log we noti...

Dear All,I want to install Tacacs+ in Solaris 9. And user name and password should be match with my Systems home accounts users, hence they can change their password anytime.Cany get me the conf, How should I do this?Thanks..

Hello,I currently have and ACS system authenticating against a Win2K3 AD database. I have a user that is a member of multiple security groups that are mapped to multiple groups on the ACS. I want to be able to force authentication against a specifi...