Network Access Control

Have a couple of switches setup for AAA/Radius (Microsoft IAS running Radius). All authentication fails when I configure it with a radius key (matching on switch and server). When I remove the key, I still cant authenticate with my domain credentials...

HelloWe have this scenario:A user at home connects via SSL VPN is authenticated by Cisco ACS/RADIUS. User ends up in a specifig SSL VPN group on the ACS. This group is configured with specific properties for SSL VPN.Now the same user comes to work wi...

Hican we use AAA for a single sign on solution?ThanksShiju V.Joseph

Well, I have Router 837, but my problem is virtual-access stay UP physical part and UP/DOWN protocol part.ATM is UP/UP and dialer is UP/UP .Not negotiate IP.I make debug...I confirmed my data with ISP and my user and my password are correct, but with...

Hi!I would like to configure a remote agent for an AAA test on acs 4.1. I use a software version test installed on a PC with win 2003. I followed the standard procedure to add a remote agent: In the navigation bar, click Network Configuration. The Ne...

Hi,We required to setup several IOS wireless points with MAC-address authentication using the cisco acs. I have it working but the problem is that even rouge devices try connecting and this causes loads of failed attempts in the failed report, there ...

HelloI have an ACS version 3.3.I have changed the configuration of a Network Access Restriction, and then I applied Submit+restart. I can?t get access again to that NAR and displays a message: "Failed to Edit NAR1Reason: is currently being edit elsew...

Hi, I have a PIX 501 with software version 6.3. This PIX is configured to authenticate user for all tcp traffic. The idle timeout is 8 hours. But from 2 days ago, it keeps ask for username and password for authenticated users time to time (every 5-30...

have configured Cisco ACS 4.0 (TACACS) with Windows AD for all Cisco MDS switches and it is working fine. But local "admin" access to the Cisco MDS switches via telnet is not working. At the same time , if I create a user with "network-admin" role lo...

Is it possible to mark PPPoE user traffic via Radius after authentication for example userA traffic will be marked as AF11 and userB traffic mark with Af22

Hi all,I have a problem with ACS 3.3.4 build 12It cannot enumerate domain mapping in a multi domain enviroment. Running the NT utility all groups enumerate. Domains list. (except in the ACS control page)Also user authentication fails with the errorNO...

I have aaa working on a switch in my network.The prolem I have is when a user fails the password authentication with a known ldap user, it prompts them for the enable password. If that user enters the enable password, they are then logged into the sw...

I am looking for ideas on best way to force employees to use the 'employee' ssid instead of the 'guest' ssid.Using Unified Wireless (LWAPP) + ACS 4.0One thought is that guest ssid can only access the Internet and -only- the Internet (restrict them fr...