Network Access Control

I just installed UCP v1.0 (the one included on the CD) on my CiscoSecure ACS v3.0 Windows 2000 server.Set-up ran fine. I access the new web page, I can log in fine but when I try to change my password info, it comes back with "Error: Session Timed o...

It appears that the ACS will allow you to use external databases for authentication, like windows, LDAP, novell, etc.. Is it possibe to set this up so that vpn users can authenticate to these databases using their current passwords? Thanks

Reviewing a config writen by a co-woker I found the following, am I right that it is not requiring a password when connecting via the console or telnet?username Admin privilege 15 password xxxaaa new-model!!aaa authentication login default localaaa a...

Hi All,I am trying to configure my VPN 3000 series concentrator to use AD authentication. IAS is installed on the domain controller and I configured the VPN concentrator to use the domain controller for authentication. But I like to restrict the acce...

HiI'm using the ipsec vpn client with certificates for group authentication + radius with expiry, and everything works fine.I want to use certificate authentication for webvpn as well, but i'm not able to get it to work, the certificate CN is test-us...

Is there any way on PIX 6.3 to set up something like the IOS "single-connection" option for a TACACS+ server? I'm trying to optimize my ACS server and thought this might be a simple option, but can't find any mention of it in PIX documentation.Thank...

The auditors want me to limit the Network Management userid to be able to login only from the Management Station IP. Can this be done, preferably without changing configs on the network devices.

Following error was prompt if when i tired to remove a host (e.g.troubled-host ) in device group. ----------------Edit Failed Failed to edit troubled-host. Reason: The Host no longer exists.

Hi Experts , I would like to know whether the following command is supported on 7304 router with NSE-100 having c7300-js-mz.122-25.S10.bin image.aaa session-id common.Thanks,Kumar

Hello,Via ODBC I would like to have ACS 4.0 authenticating against a simple Microsoft Access Database which contains Usernames and Passwords in the table "users".I cannot get it to work. It seems to me as if the AccessDB requires a special structure ...

HI,I have created a one line downloadble access-list in Cisco ACS to deny a host. deny tcp any host 192.168.115.1 eq 22 and assinged it to a user and group. when I try ssh it should be denied but it works. Thx for the help in advance

Hi all,I am/will be beginning a deployment of dot1x to our campus. We will be authenticating to a Windows 2003 IAS Domain Controller, but I have a few questions before we begin:1) I have found no documentation as to the setup of switchports in rega...

I have my ASA5510 configured to authenticate VPN clients against an internal Win2003 IAS server. This works fine - users authenticate and can reach inside network. I have the ASA configured to allow HTTPS/ASDM access from the same inside net the us...

I would like to use TACACS+ authorization for allowing some limited allowed commands for a particular group, on a TACACS+ authenticated user. When i allow the group enable, i can't seem to limit the command level. aaa-server TACACS_SVR protocol tacac...

Hello,We have a customer who has 3 types of authentication needs:1) Laptop with windows based on user credential2) Industrial computer without 802.1x supplicant3) computer with windows but which need to be always in the same vlan (even if the user wh...