Network Access Control

I'm using ACS for authorization for a number of PIX and ASA. It seems the ASA do not support IP based NAR. I have FWSM and PIX on version 7 and they do work. Is there a fix for this? I'm using 7.2(3) on the ASA.

I am setting up a new ACS appliance (Cisco 1113). I followed the steps to setup a static ip address but when I do a show, it still says yes to dhcp enabled. I am on a working network, the ACS got a dhcp address. The system says new ip address set,...

Hi All,I've configured SSLVPN on Cisco ASA 5540 to authenticate using Windows AD by providing DomainController information. Though the authentication is working, I'm bit concerned about the security as this method of authentication mechanism would e...

Hi,Have anyone encountered this problem before? My radius is at 192.168.1.10 and R1 is on 192.168.1.1. Both are connected to a switch and ping works perfect. ACS has been configured with R1 as the AAA client with a key. I'm baffled as to why this doe...

We have 2 ACS appliances that are separated by a WAN.Both appliances are at the same software version and I have replication set up per Cisco's (as well as others') directions.When I run replication, I get the error "Cannot replicate to 'ciscoacs2' -...

Hi All! I have a problem with configuring feature "local aaa server" for remote ipsec. I can't found anything examples of settings local aaa server for remote ipsec on cisco.comI want that defined remote user, while connecting by ipsec, will receieve...

Most IOS configs (mine included!) seem to use passwords instead of secrets for local users.If password is weak, reversible encryption, and secret is md5, is there a reason other than habit why people don't use the stronger one?Just curious. Paul

folksi have an 1113 appliance and it has recently started falling over, i.e. it won't pass on radius requests or even let me log on by httpits running 4.0any guides/hints on how to troubleshoot itis there a newer OS availablethanks to anyone taking t...

Hi,When I tried configure enable level access per NGD, it doesn't work.Each time I see the same error:"TACACS+ Enable: Defining Max Privilige on a per network device group to be select".This error is the same if you don't select a NGD. ACSE ignores m...

Someone has a good guide for 802.1x with cisco ACS?

Can some one explain in detail on these commands.aaa authentication enable default group ACS enableaaa authorization exec default group ACS if-authenticated

when implementig a 802.1x with a cisco ACS is necesary to work with certificates or it can just work with username and password?

Hi,We are implementing the VPN 3015 Concentrator and using ACS to assign IPs to the VPN clients. Want to use 10.200.200.0/24 subnet as a pool, but I can not find the way to assign the right mask. I guess, the ACS detects that this is a class A networ...

I am currently working on an 802.1x pilot. I have successfully deployed certificates for PCs and users and I'm able to assign VLAN etc in a reliable fashion. I would like to enable MAC Authentication Bypass on the voice VLAN for IP phones. The proble...