Network Access Control

Problem whit port console for ACS in switch 2950-XL!

I set a Catalyst 2950 switch to the console port authentication is THROUGH the ACS, in case of failure to use the local user base, works well. the problem is with a 2950-XL switch, which does not support the command aaa authorization console, I can d...

ACS with Sidewinder G2

I am trying to implement Radius (using ACS v3.2) on Secure Computing's Sidewinder G2. It appears I need a VSA (vendor specific attribute) to make it work properly. I have tried it with Radius (IETF) but no luck. Any suggestions on how I might go ab...

Defining services in TACACS Server

I have to define the following IPSO-specific service in your TACACS+ server:service = nokia-ipso {Nokia-IPSO-User-Role = "role_name_on_IPSO"Nokia-IPSO-SuperUser-Access = <0|1>}How can I do it?

Cisco ACS v5.0 with PEAP-MSCHAPv2

I am have problems setting up the Cisco ACS server with PEAP-MACHAPv2. Does any one have a step by step guide to help with this issue..

Question about service CSTacacs and delete AAA Client?

I am running the ACS and all this good, I delete a AAA client of the ACS, try logging in again and let myself go! .. I had to restart the service CSTacacs to not allow access to the AAA client is well removed ..this is correct? or is there some way t...

Resolved! Stop ACS 5.0 upgrade in progress

How do I stop an FTP upgrade if it is pointed to an incorrect FTP location.

Resolved! Authorization Set Not Working Properly

I'm trying to set up an authorization set to restrict users to certain commands. However, it seems like it works for some commands, but not for others.In ENABLE mode, the auth set seems to work properly. However, once I get into CONFIG mode, it no ...

set an ip unnumbered from radius

Hi all,I was reading a lot documentation and testing a lot of scenarios but i can not set template configuration from RADIUSâ€¦This it my configuration,aaa new-model!!aaa authentication login admin localaaa authentication ppp default local group radi...

Restricting Access to Group

HelloI have ACS 4.0 authentication through external database Windows Active Directory. I want only support group created on ACS to have access rights to AAA client [Routers,Firewall,Switches] for telnet & SSH all members of other group should be deni...

Resolved! Denying AAA Clients to a specific user group in ACS v4.1

Using 4.1 is there a "simple" method of simply denying a usergroup the ability to even login to specific AAA clients? Customer has a telephony group that they want to allow them to telnet and check into all the voice routers, but no other routers, t...

Resolved! I can not use the same ip address for three NDGs ACS.!

Hello. Install ACS 4.2 Build 124 Patch 13, I created three NDGs, My server has the IP 192.168.1.10, adding the same three NDGs server gives me this error:An overlapping IP range 192.168.1.10 conflicts have been detected with ACS entry of 192.168.1.10...

AAA Authentication ACS and Router

Hello All,I have an ACS with AAA clients (routers) added as TACACS+ (Cisco IOS). And as such I am able to log on to the devices with my username and password which is stored locally on the ACS. However anyone from any group can log in. How can I rest...

ACS Error messages

Hello -I am receiving the following two ACS failed attempts logs for wireless clients connecting to WLAN using WPA1/PEAP."NAS duplicated authentication attempt""EAP-TLS or PEAP authentication failed during SSL handshake"I am seeing these messages for...

Resolved! Shared Secret Mismatch in DB Replication

Implementing Database Replication in two Cisco ACS SE 1113, and the ACS Version is 4.2.0.124. It failed with an error message "Shared Scret Mismatch", however it is same on both boxes. Any idea what would be the problem?

Controlling VPN access

Hi Guys,We have a Cisco ASA 5510 and ACS 4.1 configured and the users can VPN into ASA and are authenticated by the ACS which is mapped to Active Directory and all works well.I now need to know how to configure VPN access to allow certain groups to h...

Network Access Control

Forum Posts

Problem whit port console for ACS in switch 2950-XL!

ACS with Sidewinder G2

Defining services in TACACS Server

Cisco ACS v5.0 with PEAP-MSCHAPv2

Question about service CSTacacs and delete AAA Client?

Resolved! Stop ACS 5.0 upgrade in progress

Resolved! Authorization Set Not Working Properly

set an ip unnumbered from radius

Restricting Access to Group

Resolved! Denying AAA Clients to a specific user group in ACS v4.1

Resolved! I can not use the same ip address for three NDGs ACS.!

AAA Authentication ACS and Router

ACS Error messages

Resolved! Shared Secret Mismatch in DB Replication

Controlling VPN access

EAP-TLS Device Certificate for Entra Joined Devices with Intune

Posture assessment report never finishing

NetFlow Probe Profiling – Missing IP and Port in ISE Context Visibili

Default Route SGT

PX Grid Connector and Service NOW

ISE Profiling Conflict

Scenario ISE-Pri dead and promote ISE-Sec to Primary

can no longer ssh into the Primary Admin/Secondary MnT node

NTLM Disabled and ISE-PIC

Impact of Resetting ISE Context Visibility on Endpoint Connectivity