Network Access Control

Hello. I have a critical situation. We use PEAP/MSCHAPv2 for client and user authentication. Wireless users and clients will be authenticated by the ACS by asking a ADS usergroup membership. Valid users and clients have access to LAN ressources prote...

Hi all, I have a very large wired-only Ethernet network which I would like to migrate to 802.1x for stronger authentication of end users. The problem I have is that there are long chains of legacy switches which do not support 802.1x (the topology of...

Im trying to use PEAP machine authentication from a winxpSP2 client to ACS 4.0 using WIRED 802.1x.PEAP user authentication works just fine, the LAN connection comes up fine and i enter the user credentials and the connection comes up. However, when...

We have a pair of 5520's and have just enabled the webvpn. What we would like to do is use radius (Class attribute OU=groupname) to lock a user to their vpn group when one connects and successfully authenticates with the webvpn. We currently authen...

Hi There,Can ACS be considered an identity management solution (i.e. granting users different access privileges for different types of protocols). I am aware that you can push downloadable ACL but is it only restricted to HTTP, Telnet and FTP or to a...

Hello, I would like to know if it is possible to configure AAA group server radius in the platform CatOS (release cat4000.4-5.9.bin). I've read the sw features and I think that is no way.Thanks Javier

Hello, I am trying to setup an unsecured internet access using PIX and ACS 4.1 to authenticate users before access is allowed. The question is, I can only get a user and password prompt if the url is to Cisco.com. I would like to change this to eit...

I am a ACS server for authentication/authorization of client's, routers/switches/users. This same ACS server I am also using for authorizing the router to use certificates (av-pair cert-application=all). For this to work you need to create a user (FQ...

i need to assign static ip per user using acs for windows. my pc have already authenticated, but still can not get the ip static from acs server.any idea about this condition?

Is there a way to add (the entire text) using banner motd in a PIX w/o having to do it line by line? Doesn't let me put the entire text string in (using start and stop char) like a router IOS does.

Hi, We have some 17, 1200 access points (autonomous). The access points are spread over 16 floors in the meeting rooms. I want to authenticate the users using mac and eap. The username and password should be the mac address of the device to be aut...

Hi,I'm looking into eap-fast for a deployment next month. I have 3 ACS server behind a BIGIP to loadbalance my 7000(3000 concurrent) wireless users authentication request.I am wondering how eap-fast works in this kind of environment. Does the PAK rep...

Hello,i configured the DB Replication to an ACS-Backup with the same Patchlevel as the First ACS.The Replication works.But, all dynamic Users are disappeared?The fixed Users are Present.(User and Group Repli are already configured)The Group, which in...

Hi guys, I am still muddling around with my initial configuration of the ACS solution engine 4.1I was trying to install the "Generate the Self-Signed Certificate" but unfortunately when i enter the FTP hosts ip and a username/login followed by the "/...