Network Access Control

I have a totally isolated newly installed Windows Server 2008. It is the forest root, DC, GC, DNS and Netbios server and has ACS installed directly on it. When using local database in ACS user account it works great to AAA Tacacs Auth. When trying...

Hello I've got a few hundred edge user switches (mostly 2950s) which I've setup for AAA with ACS 4.0 to allow some technicians to access the edge switches and change speed/duplex/description and shutdown/no shutdown the fastethernet interfaces only (...

Hello Following a config guide I was able to edit a user group and send the parameters the ACE was expecting as to user, role and domain in order to authenticate within the right context and with the right privileges. This, though, was made on a test...

Hi all,We have a setup of ACS 3.3 & PIX 515e that work using Virtual Telnet to PIX. The issue is that when a user logs into using Virtual Telnet his downloadable ACL from ACS overrides the static rules defined in the PIX firewall ie. the static rules...

Dear all,I would like to use the asa with AAA auth. and bind to the Active Directory with LDAP, but there are many problems with the special characters in Germany (like ü,ö,ä,ß) and the same with the keyboard signs like 'Z' and 'Y'. The CISCO-ACS...

First, the only thing I saw on the Appliance was that it was a 'hardened OS'. So I'm assuming like many of their other appliances that this is Windows 2003 locked down? Regardless if it is or not, are there any issues with the appliance being in a mi...

One of my colleague accidently entered "aaa new-model" in device and the device got locked since no username/password was configured on the device. Now the device is locked and we can't login. Its a core device. Please let me know how to resolve this...

We just migrated from ACS 4.0 for Windows to ACS 4.2 SE.I'm wondering why would anyone want to make AAA traffic go through ACS if they could just make it authenticate against Windows AD directly through either LDAP or RADIUS?Doesn't this create an ex...

Hi all,I have created a document with my question. It includes network diagrams and switch configurations.Thank you in advance!!!

I have a ACS and UCP installed. UCP is not working currently. Is there any alternative solution for UCP like would the user be able to change his tacacs login password and enable password over the prompt or anything like that?

Is it possible to hide commands for lower privilege levels?Thanks,John

Hello all,I've bee wrestling with this issue off and on for some time, but have had limited success. There is something I don't quite understand just yet. I hope someone here can help.I want to set up AAA on ACS 4.1 for authenticating login session...

Hello,My name is Ceriel Roland and I have a small problem:We are using Cisco 3560 Switches with 12.2(44)SE2 IOS.These switches are dot1x enabled with the ACS server.Computers are authenticated trough certificates and it all works fine.We also want to...

Please I have a Win 2003 server on my network that i installed ACS on. I created internal user account ,and i can authenticate on my NAS (AAA client).The issue now is how to map to the external user database in win 2003 server DC. Below are my follow...