Network Access Control

I'm trying to setup an 871 with 802.1x authentication for home users. The goal is to allow the employees corporate laptop and IP Phone to communicate across a VPN connection, but unauthenticated users should only be allowed internet access.Where I s...

Hi,I have ACS 3.2 with switches authenticating via 802.1x to it. BY Accident a switch ip got changed however users can still authenticate to it. I want to confirm this is normal as I understand the pre-shared key is the bit that secure mutial authent...

Hi all,is it documented the max number of request supported for ACS 3.3 appliance version?Our customer has two ACS (primary and secondary) and i see that pix (aaa client) sends a lot of request to the secondary one. AAA is used to authenticate and au...

Our application uses Cisco RHEL ((i386) 2.6.9-5.ELsmp) as OS. It relies on RHEL for tacacplus and radius capablities. (pam_tacplus.so & pam_tacplus.so are present in /lib/security on the RHEL box)Cisco ACS ver 3.3 is used to authenticate the users in...

We have a large block of userids we need to add to our ACS 3.3 Solution Engine into the CiscoSecure User Database. When using the web-based GUI, it looks like you can only add one user at a time. Is there anyway to add users as a block with some ty...

During testing, I took my test PC off the domain but did not disable 802.1x. When Win2k booted, it was seen as unauthenticated and never was put in the Guest Vlan. I read another post from March and it sounds like this is expected.If this is true, ho...

Have you got an idea of how to configure with ACS Radius Server a dynamic attribution of VLAN-ID that will depend on the location of a particular user (supplicant)that is defined in one user group i.e. User A -(group A) Site X --- VLAN-ID-X User A -(...

Hi,I'm trying to implement a scenario where i want ACS to receive a certain integer of session_time passed by ODBC database. I don't know if ACS is restricted to receive only the error code and group-ID (pap case), and a string to gog purposes? Or if...

hello all . I have 2 pools of IPs on the router ans have dialup vdpn sessions on it , I need some specific users get from a pool and other users from the other pool. Can I return the pool name in the radius reply when the user is authenticating ? and...

Hi AllCan anyone tell how do we use UCP for Cisco 1111 ver 3.2 appliance.In the Cisco recovery CD which i got a i dont find a UCP exe.How do i get it installed on the Cisco 1111 appliance ?ThanksSumsi

Hi There;I have recently been thrust into a project involving a Windows AD server running "Cisco Secure ACS for Windows (v3.1)", and a need to upgrade it to v3.3. A Cisco 3000 series VPN Concentrator is currently configured to use the above Windows h...

Hi NetPro,Currently, i am facing some problem which is Firewall Authenticate with Cisco ACS. i've added the command "aaa-server AuthInbound protocol tacacs+" and " aaa-server AuthInbound (outside) host 172.17.xxx.xxx cisco timeout 5 "but, still cant ...

Hello,Is there anyway to assign Polies like 'Access Control List' to user basis instead or IP base? Thank you

I currently have in place CS ACS Solution Engine v3.3.3 and the Remote Agent is installed on Windows Server 2003. I'm using a lab environment to test Authentication to network switches and routers using ACS as Radius with Windows A/D as the backend....