Network Access Control

Does anyone know which specific permissions within Microsoft AD the username programmed into the ASA for LDAP authentication needs to have? The documentation just states that the username needs to be an administrator within active directory, but I do...

I am having trouble getting my NTP to authenticate i can get it to sync with the ntp authenticate command out of the router 2 config and then enter it back in and it continues to sync but i am not sure if it is actually using the authentication at th...

Is there a way to log when users login and out of the VPN? I know with ASDM you can see currently logged on users and other stats about the sessions in progress but I need to verify if someone says "I was logged in last night working" than in fact t...

Hi,Does anyone know if it is possible for the Radius Server to use the groups of AD to determine which vlan to put a user in when using 802.1x control on switch ports.RegardsMiron

Hi All,Can some one provide a solution for the below requirement?We do have ACS 4.2 appliance managing firewalls of different clients. The users are common i.e, helpdesk administrators. One of the client came up with setting different password policy...

HellowI'm using NAP's and want to use MAB as well. Right now i use the ACS Util to add MAC addresses to the right ACS Groups. But when using NAP's, I need to configure MAB under "Authentication" in the profile. Right there i also have to add all the ...

Hi,Is that possible to configure read-only access of ASA firewall in ACS 4.2; that too particularly for ASDM? Read-only is working fine for SSH protocol. But the customer requests for read-only access through ASDM.Plz suggest a solution with detailed...

Hi, we download a ACS v5.0 for evaluation proposes and we like to know if it possible install this eval on a VMWare Server 2.0, can some help us? Thanks

Hi NetProsMy objective is to assign static IP address for VPN clients. The tunnel group authentication is on a AAA LDAP server.AAA LDAP queries has been configured and tested to work.I followed the guide below, but could not get static IP assignment ...

Authentication failes with message:ACS MSCHAP password is invalid.Group auth works perfect.This problem only occurs when the local ACS User has an \ in the username Domain\user123The auth works perfect with the same password and the Username user123 ...

I see several posts on this subject have been added already, but I thought I would add my 2c.I've been trying to get a remote IPsec VPN(Cisco client) connecting from the inside of our office ASA to a remote ASA. The client would connect fine, but no...

Hi !I try to limit available command in user mode.... it does'nt work...Exemple I had permit show command for user DSC in my ACS shared profile.When user DSC telnet my router the authentication is validate by the same ACS. On the prompt > the DSC us...

Not having much luck getting this to work and searching the forums here everybody seems to say it is not possible unless TACACS+ is used. Is this still the case? I see the AAA/ACCT/CMD in the debug on the local switch but the RADIUS server never re...