Network Access Control

ACS 4.2 w/ patch 5A primary replicates to 6 secondaries. Since mid last week we have not been able to replicate to one server. Within 10 secs of replication starting to this one server we get a Cannot replicate to 'kvhpw1038' - server not responding ...

I have Cisco ACS Server V4.0In the shell Command Authorization Set I configure a restrict Access.In the privilege mode the restriction of the commands works good, but when I enter in the config prompt the restriction don't works. In this promt I can ...

We're trying to enable "authorization" on some new Cisco ACE devices. We're running ACS for Windows 4.1 and don't have a "custom attributes" checkbox to check. Is this not a feature in version 4.1.1?Thanks,

I just added a new certificate to an ACS server with 4.2 installed. The certificate took fine, but after I enabled https the login page will not load the Java applet. I cannot go into the application locally to disable it, because the automatically l...

Hi, sorry for this subject as there are many similar threads but not identical. Having a little trouble getting this to work even after searching all the related threads exhaustively.I have an IOS router for VPN client access. Authentication and grou...

Is there a way I can set up a user in ACS, and put a temporary password. As soon as this user logs in into the first device (router, firewall, etc) The device will ask him to change the password. This is for Management Purposes and I'm using the Inte...

Versions involved:AAAACS 4.1.4.13.12Devices:C2960-LANBASE-M, Version 12.2(25)SEE3, RELEASE SOFTWARE (fc2)C3550-I9Q3L2-M, Version 12.1(14)EA1a, RELEASE SOFTWARE (fc1)If we try to configure a single interface or just a very small range, it works fine, ...

Hi Is there any best practices for configuring Command authorization (for router/switch/asa) in CS-ACS? To be specific, is there any best practices to configure authorization for a set of commands allowed for L1,L2,L3 support levels? RegardsV Vinodh.

Hi,I have a issue here on two of my new switches when i telnet i get username and password once logged in then i go to enable mode i again get a username and password prompt this time the password i have to give is enable password.This is not a issue...

HelloI am currently preparing an installation for wired 802.1x authentication. My setup consist of the following:- MS IAS- MS AD- MS DC-DHCP for auth. users- Switch WS-C3560- Testclient with CSSC 5.1The dot1x authentication itself is working properly...

Is it possible to automate the removal of dynamic users to a preset schedule, say once a month?thanksBob

we need to deploy the following1. both internet IPsec VPN and SSL VPN will run from a Cisco ASA55102. Users use the same credential as their office Windows AD Domain, aka single-login3. RSA server has been installed to provide two-factor authenticati...

Greetings-Is it possible to force AAA uauth queries via attached users behind a router doing L2L with an ASA - where the ACS server is behind the ASA? This would be used to control Internet access for hosts behind the router - using split-tunnel and ...

Scenario: Cat3560 using 802.1x Multidomain Authentication (MDA) on the access ports. Which means Nortel Phones authenticating into the voice domain and cascaded PCs authenticating into the data domain on the same access port. MAC Authentication Bypas...