Network Access Control

Not having much luck getting this to work and searching the forums here everybody seems to say it is not possible unless TACACS+ is used. Is this still the case? I see the AAA/ACCT/CMD in the debug on the local switch but the RADIUS server never rece...

Hi all!I have a problem, we are using freeradius server to authenticate the VPN users. It works fine.Now I want authenticate the ssh, asdm users with the same radius.The only problem is that the ASA doesn't send different attributes to the radius and...

How do i check to see user activity once its enabled on my ASA? I need help setting up the AAA on a radius server as well in regards to where i set up the server secret key?Help!

Hi,Not sure if this belongs in AAA or firewalling. I apologize for the mix-up.Does anyone know if there's a user-friendly (i.e. non-LUA) way of matching a single DAP entry to the following constraint:- match specific connection profile- match one of ...

Hi,I want to have my MS IAS RADIUS check on the connection profile that a SSL VPN user selected: Users can only authenticate for profiles that match their group membership. But a single user can be allowed to connect to more than one connection profi...

Hi, I would like separate ACS traffics on 2 two separate NICs, one for front end AAA service related traffics, and another one for web, backup administrative traffic, is it possible?Leo

Hi All,I'm sure this question has already been asked and the solution is simple - however it does not appear to be obvious!My requirement is to have an AD group called 'CiscoAdmins' and another called 'VPNUsers'. Using ACS I want to only authorise me...

Hi I have an early Version Tacacs+ - CSACS3.2-WIN-K9we have upgraded all our cisco devices to ssh 1.5/ ssh 2 however when we renew passwords the tacacs server is not allowing password changes . way around this is to use a telent to a device that curr...

I have ACS 4.1 for Windows and want to upgrade to 4.2. I don't have smartnet on 4.1. When looking at the Cisco Price list I don't see an option for smartnet on 4.1. I also don't see an option for an upgrade from 4.1 to 4.2. What options do I have to ...

Recently I deployed a NAC Appliance OOB with WLC 4402, everthing ok and works fine but to authenticate user on NAC I created a Groups on ACS just to authenticate this users but these users are be able to access other SSID on WLC.I want this users jus...

Hiwe are working as Remote operations engineer.During normal conditions when Priamary link is up, we get access to AAA server, when primary link fails we login to the devicesusing via back up link using line passswords, config is pasted belowMy quest...

Hi all,Is it possible to return different TACACS user Privilege levels for different device groups on ACS 5.x ? I couldnt find this feature on 4.2 ? We have different vendor devices on our network and need to do this for a user group ?

Hi, All!I integrating Security Manager 3.2.1 with Cisco Secure ACS 4.2 by the manual.In the finish step, I get waring:System Identity User - Not configured properly for (csm,AutoUpdate,rme)Please, tell me, what me wrong?