Network Access Control

When adding aaa onto a C870 it doesn't like the following lines of code:aaa authorization commands 1 default group tacacs+ if-authenticated localThe device appears to have a problem with the word 'local'We use this code on all our other Cisco devices...

I have created an msi package to deploy ACS 4.1.3 to a number of different servers on the network. However, when it installs on the new server, it creates another AAA server (one with original IP and hostname) and the other with the hostname and IP a...

Hello,We are looking for a way to authenticate vpn remote-access users on asa using 2 factors authentication.The first factor is username / password authenticated against a radius server.Second factor is a code matching an intersection on the grid ca...

Hi everyone,Under Password Aging Rules I have "Apply Password change rule" enabled but the user does not get a message to change the password. Instead it disables the account after the user logs in once.Any help would be much appreciatedThanks

Dear Guysi want to give authentication authorization and accounting for ciscoworks from acs server how can i give .

Hi allWe are having problems with a GSS box here (ver 1.3) which we are trying to auth against ACS 4.1.Have configured the following on the GSStacacs-server timeout 5tacacs-server host xx.xx.xx.xx port 49 key blahblahaaa authentication ssh localconfi...

Hi,I have two ACS v3.3 Servers running. Before the hardware replacement on x2, it was all smooth. Then after hardware replacement on x2, the two Servers went into a hung state thrice this year. Some NetPro advised me to check Replication, Backup etc....

Hi,I have some routers with modem-stuff and like to make reverse-access authorization. Router-Cfg:aaa authorization reverse-access default group tacacs+worked under CSU with service=raccess {}But I get errors when I try this under ACS Win 4.1.Router-...

Hi,I have defined on the RADIUS server a profile with privilege level 0 with the "shell:priv-lvl=0" command on the server. The problem is that when the user logs into the firewall it is always given privilege level 1 (if SSH) or 15 (if ASDM).Th...

Hi,I have an ACS that authenticates and authorizes IOS devices.I use "shell command autorization set" to authorize some commands for some groups.Is it possible to do so with CatOS?For example, I'd like that the groupe FULL can access all command and ...

Hi,i have two Win2003 servers running ACS 4.1.I need to change the mail sender of notifications.I can i do ?Thank you.Mauro

When having different network admin, what will be the configuration/settings on the ACS to set one at a time login onto the cisco device?So that when a user already logged into the device, other users attempting to login will be blocked.

HiI use ACSWin4.1/tacacs+ and I want to restrict shell-users to specific NAS without defining all the NAS on the ACS server. I have only defined very few NAS profiles and the <other>-NAS-profile on the ACS-server because I do not like to maintain tho...