Network Access Control

caller ID not getting reflected in ACS report for pix 525 with FOS 7.0

Caller Id not getting reflected in Cisco ACS passed authentication report for PIX 525 with FOS 7.0

PDM authentication

Hi, on my network, i can log into the PDM from some computers but can't on others. After the normal authentication which i pass, i get another box (Password needed - Networking)server /192.168.1.1Realm PixScheme BasicI have no idea what the username ...

VPN3000 with AD Authentication Problems

In the past I have set up many Authentication Servers to the Concentrator using NT Authentication. In many cases we tried AD authenticaton first, only to run into problems. In the past the problem was always that new users were able to authenticate, ...

Can't hide TACACS key in the config

I have recently enable TACACS in my Cisco route/switches but when I do show run I can see the tacacs key, how do I hide it? Thanks. tacacs-server host x.x.x.x key cisco123

How to notify users that their account is lockout

Hi,We have an implementation of Cisco Secure for Windows. To log into the cisco devices the cisco device use tacacs and the cisco secure server checks against windows AD to validate user+password credntials. Now if the users fail three times in a row...

ACS Replication Error

I have 2 x version v4.0 ACS servers. Windows 2003 SP1Both servers can ping each other and are resolving hosts names using local hosts file. I have disabled the multiple nics on both servers and have a single nic connected.Replication has been confi...

VPN Authentication problems

I have recently upgraded our PIX OS 7.0(5). We are experiencing issues with remote access VPN clients. Phase 1 authentication occurs OK but the user authentication is failing on some accounts. The PIX authenticates against Active Directory.The strang...

Resolved! ACS standard reports: Need to see attrib [04] "NAS-IP-Address"

Hello,we have the following topology.NAS-->other vendor radius (proxy)-->ACS 4.0Auth works fine, but we have problems with standard reports offered by ACS.On passed auth report we need to see the original NAS IP address, attrib [04]. The third party ...

Resolved! Restricting Device groups access in ACS 4.0 SE

Can i have logging limitation configured on the groups in Cisco ACS 4.0 SEHeres what i want to achieve. There will be two groups siteA and siteBI also create 2 network device groups say NDG1 and NDG 2 Now the users in the SiteA should be able to acce...

CAR TCL Scripting

I am using Cisco Access Registrar 3.0 with an oracle database with users type A. What i need to do is : if the users exists define services type A. If the user is not in the DB then it is type B so i have to define services for this type of user.I am...

ACS 4 - Services wont start on redundant server

Hi,Last night we patched our ACS services with the latest windows updates. These ACS servers replicate their database from server 1 to 2. After the required reboot server number 2 is unable to start its ACS windows services. ACS logs are non-existent...

managing routers after a firewall using aaa

Hello,Please i would like to manage my internet routers using tacacs. However, this has not been possible cos a firewall blocks the traffic. Can anybody advice me on how to achieve this?Iso

Cisco ACS 3.3, Novell e-directory & 802.1x

Hi,Pls., can anyone help with documentations on the integration of ACS 3.3 with Novell e-directory for user authentications with 802.1X configuration on the network.

Resolved! Problem with TACACS+ (ACS) and Cat 2950

I've configured the 2950 as below and configured ACS correctly and I can login to the 2950 using this config, the problem lies after I go into enable and try any command I get the following error Command authorization failed.What have I missed out of...

ACS and AAA Help

I've just configured ACS and TACACS+ for access to our switches using our AD for authentication. It works fine.What I would like to know is firstly how can I configure ACS to only allow access to our switches if you belong in a particular AD group or...

Network Access Control

Forum Posts

caller ID not getting reflected in ACS report for pix 525 with FOS 7.0

PDM authentication

VPN3000 with AD Authentication Problems

Can't hide TACACS key in the config

How to notify users that their account is lockout

ACS Replication Error

VPN Authentication problems

Resolved! ACS standard reports: Need to see attrib [04] "NAS-IP-Address"

Resolved! Restricting Device groups access in ACS 4.0 SE

CAR TCL Scripting

ACS 4 - Services wont start on redundant server

managing routers after a firewall using aaa

Cisco ACS 3.3, Novell e-directory & 802.1x

Resolved! Problem with TACACS+ (ACS) and Cat 2950

ACS and AAA Help

Default Route SGT

PX Grid Connector and Service NOW

ISE Posture: secure client stops posture synchronization

Posture Script Condition–Fails to Connect When SHA-256 Fingerprint Add

Is it possible to use "PostureOS" attribute in ISE Profiling Policy

ISE Dot 1 X Authentication

Problem with PSN ISE node (error 5405 Radius session drop)

Update DNS in ISE really this hard/bad?

ExternalGroups in REST ID (Azure AD) in Authorization Policy

ISE TACACS log backup restore