Network Access Control

Hi all,I've read the cisco ACS functionality called 'Unknown User Policy': if a user is not present in the local database the acs can forward the authentication request towards an other External Database.My quesion is: can I use an other Cisco ACS as...

I'm trying to setup two different groups on ACS SE - one with full admin access and read only. I want to limit readOnly group do "show" command on routers switches, and ASA. What will be the best way to achieve this? Thanks.

Hello,does anyone has experience in upgrading the 1113 SE from 4.0.1 to the current version (4.2)? Our customer does not have a recovery CD. I did not found such an image on CCO. In case of any problems how can the system be recovered? Exact version ...

We recently upgraded to ACS 4.2. All works perfectly except for replication. I now receive an error ACS Internal Database Replication Errors1.To disable receiving of EAP-FAST replication component, "EAP-FAST master server" must be enabled on "Global ...

Just wanted to share this with the group. We have a large deployment of Alcatel 7x50 routers and that box will not correctly authenticate without getting their specific VSA's back. They do provide a freeradius dictionary file but I could not find a...

HiI have defined on a router 2 usernames: admin and vpn.I want the user admin to be the only accepted by the router to login for administrative purposes, whereas the vpn user must be the only one accepted for VPN remote access to the local LAN.The au...

I have a problem with one of my ACS servers, in the Network Configuration the ACS is showing itself as Self 127.0.0.1The problem is that I can't change any of the settings, in particular the Key, because it says the IP address is reserved. The serve...

I tried to upgrade on of our ACS SE to the latest patch but after the upgrade went through I can no longer get GUI access. I can ping it and console to it but GUI will not come up. I have tried stopping and restaritng the services, rebooting and en...

I am trying to setup router authentication using Active Directory. My RADIUS server is communicating with my router, but I do not know how to define the Active Directory security group within my router. Could someone help me tell my router that the...

Can you use kerberos authentication with a Cisco 1841 router and/or a Cisco Catalyst 3560G? I would like to integrate Active Directory with our router login.

In Cisco Secure ACS, there is an optionto allow user(s) to change password whenlogging into the routers. I am runningIOS version 12.4 and ACS 4.2 and it worksfine when I telnet into the router.However, I can not get it to work whenI ssh into the rou...

I configured my 3750 switches to use the "aaa authentication banner" command and I setup a custom banner. If the ACS server is online I don't see this custom banner. If I disconnect the Cisco ACS server from the network forcing local authentication...

customer have a cisco secure acs release 4.2(0) build 124 patch 5 installed in a windows 2003 under netbios domain "bsbr" (fqdn bs.br.bsch)stations from this domain have sucess on authenticationusers from this domain have sucess on authenticationther...

Hi all,I have installed UCP 4.2 in windows 2003 Enterprise SP2 and i have encountered a problem of "CGI error ".I have searched about this error and got to know about the bug with this error, I have done the changes as per the workaround.Like changed...