Network Access Control

Is it possible to mark PPPoE user traffic via Radius after authentication for example userA traffic will be marked as AF11 and userB traffic mark with Af22

Hi all,I have a problem with ACS 3.3.4 build 12It cannot enumerate domain mapping in a multi domain enviroment. Running the NT utility all groups enumerate. Domains list. (except in the ACS control page)Also user authentication fails with the errorNO...

I have aaa working on a switch in my network.The prolem I have is when a user fails the password authentication with a known ldap user, it prompts them for the enable password. If that user enters the enable password, they are then logged into the sw...

I am looking for ideas on best way to force employees to use the 'employee' ssid instead of the 'guest' ssid.Using Unified Wireless (LWAPP) + ACS 4.0One thought is that guest ssid can only access the Internet and -only- the Internet (restrict them fr...

I have cisco ACS 4.0 running and it works nicely, but when i try to access the devices using Cisco Network Assitant 5.0 i get a continuous prompt as if my account isn't being authenticated. the account that i'm using has level 15 privilege on all dev...

I have setup TACACS authentication on a PIX running 6.3(3). I can authenticate using TACACS just fine, but do not get put directly into enable mode. The ACS server is setup to do so, it works for routers and switches, but not the PIX box. If I put th...

I'm using ACS 4.0 for Windows.How can I increase the validity of a self signed certificate from one year to more years?Thanks.Andrea.

I'm trying to upgrade from ACS 3.3.3 to ACS 4.1. The installer comes to 99%, and then aborts. Event viewer reports on some Dr.Watson error, application error in _INS5576._MP. Any ideas? I'm running on a VMWare server with 1 GB RAM, lots of disk. OS: ...

Hello,I'm currently working on a test with Cisco NAC and wired 802.1x.I am using the Cisco ACS 4.1 server (on a Windows Server 2003 OS). The server and the clients are connected on two Catalyst 2950 switches. The two clients (one Win XP SP2 and one W...

What effect does this error msg have on ACS >> Service CSAuth has been suspended for a configured function to proceed. Monitoring will suspend until the service is restarted <<...logs show this is constant and ongoing. ACS is up and all services are ...

Hi,I used Peap with WIN/XP with only machine authentication, sometimes I get following Message in the failed attempts log. "External DB user invalid or bad password"

Hello. I have a critical situation. We use PEAP/MSCHAPv2 for client and user authentication. Wireless users and clients will be authenticated by the ACS by asking a ADS usergroup membership. Valid users and clients have access to LAN ressources prote...

Hi all, I have a very large wired-only Ethernet network which I would like to migrate to 802.1x for stronger authentication of end users. The problem I have is that there are long chains of legacy switches which do not support 802.1x (the topology of...

Im trying to use PEAP machine authentication from a winxpSP2 client to ACS 4.0 using WIRED 802.1x.PEAP user authentication works just fine, the LAN connection comes up fine and i enter the user credentials and the connection comes up. However, when...

We have a pair of 5520's and have just enabled the webvpn. What we would like to do is use radius (Class attribute OU=groupname) to lock a user to their vpn group when one connects and successfully authenticates with the webvpn. We currently authen...