Network Access Control

Hi All,I've configured SSLVPN on Cisco ASA 5540 to authenticate using Windows AD by providing DomainController information. Though the authentication is working, I'm bit concerned about the security as this method of authentication mechanism would ex...

Hi,Have anyone encountered this problem before? My radius is at 192.168.1.10 and R1 is on 192.168.1.1. Both are connected to a switch and ping works perfect. ACS has been configured with R1 as the AAA client with a key. I'm baffled as to why this doe...

We have 2 ACS appliances that are separated by a WAN.Both appliances are at the same software version and I have replication set up per Cisco's (as well as others') directions.When I run replication, I get the error "Cannot replicate to 'ciscoacs2' -...

Hi All! I have a problem with configuring feature "local aaa server" for remote ipsec. I can't found anything examples of settings local aaa server for remote ipsec on cisco.comI want that defined remote user, while connecting by ipsec, will receieve...

Most IOS configs (mine included!) seem to use passwords instead of secrets for local users.If password is weak, reversible encryption, and secret is md5, is there a reason other than habit why people don't use the stronger one?Just curious. Paul

folksi have an 1113 appliance and it has recently started falling over, i.e. it won't pass on radius requests or even let me log on by httpits running 4.0any guides/hints on how to troubleshoot itis there a newer OS availablethanks to anyone taking t...

Hi,When I tried configure enable level access per NGD, it doesn't work.Each time I see the same error:"TACACS+ Enable: Defining Max Privilige on a per network device group to be select".This error is the same if you don't select a NGD. ACSE ignores m...

Someone has a good guide for 802.1x with cisco ACS?

Can some one explain in detail on these commands.aaa authentication enable default group ACS enableaaa authorization exec default group ACS if-authenticated

when implementig a 802.1x with a cisco ACS is necesary to work with certificates or it can just work with username and password?

Hi,We are implementing the VPN 3015 Concentrator and using ACS to assign IPs to the VPN clients. Want to use 10.200.200.0/24 subnet as a pool, but I can not find the way to assign the right mask. I guess, the ACS detects that this is a class A networ...

I am currently working on an 802.1x pilot. I have successfully deployed certificates for PCs and users and I'm able to assign VLAN etc in a reliable fashion. I would like to enable MAC Authentication Bypass on the voice VLAN for IP phones. The proble...

Our ACS applies users to a VLAN by sending the attribute type 81. BUT the users need to connect to different vlans depending on the NAS. The NAP-feature with authorization (with a NAF for the depending NAS and a RAC for the different VLAN) changed se...

Hi,I'm doing a research on the Cisco NAC (without the appliance) concept and I would like to ask the following:1. Securing network access - Needed products are Cisco ACS and Cisco access devices (2960, for example). The feature needed is NAC Layer 2 ...