Network Access Control

Dear All, I was reading my NAT Design Paper, because I am going to Implement NAT in My Company.Now, I want to ask you for only the Process of Static NAT , to allow External Users ? on internet side ? to ? access a specific server inside my LAN.Which ...

Hi Guy,Please clear some of my doubts for tacacs client configuration.#aaa authentication login default group tacacs+ localwhat will be diffrence between both configuration.#aaa authentication login myway tacacs+ local!#aaa authentication login defa...

Hello:I have a LDAP server configured and authentication working just fine. My next goal is to provide SSL VPN services to some employees. Their Tunnel Group membership should depend upon their LDAP 'group' membership.For example, our LDAP administ...

Hello,I have a text file containing 1000 users/passwords. Is it possible to import this user list into ACS local user database? is there any other trick on how to achieve this?thanks for your suggestions

Hello,I have the following scenario, access points 1214 (fat AP) connected to ACS (RADIUS) and the ACS integrated with Novell LDAP as external database.The wireless users use PEAP for authentication, here the problem when I tried to connect wirelessl...

Hi,Is it possible to use extended authentication (X-auth) to do a double authentication first one at group level against a RADIUS ?based token server and then a new authentication against the Active Directory to be able to map user group -mappings fr...

HiI've got one ACS 4.0(1) server which we upgraded from 3.3 and one ACS 4.0(1) server running the 90 day trial version. The server which was upgraded from 3.3 to 4.0(1) is the master server with all the user accounts etc and I'm trying to get it to ...

I add "Testuser" to my active directory security group "DomanWireless" and I see on ACS the respective user is mapped accordingly and get authenticated as "Group Name=ACSWireless".If I remove the user from "ACSWireless", user defaults to "Default" gr...

I am currently experiencing an "unintentional" denial of service attack causing my ACS server to stop working due to high processing because of a lot of PEAP login attempts from PC Clients with corrupted certificates or any other problems. The quest...

Hi! Good day! I urgently need help on how to configure aaa on a router to send accounting start stop attributes to multiple servers simultaneously.Thanks and Regards,Albert

Hi,in order to use TACACS+ login on our new ACE service modules we changed our ACS group settings for admins:beforeShell (exec) - checkedPrivilege level - checked: 15afterwards:Shell (exec) - checkedPrivilege level - checked: 15Custom attributes - ...

Looking for Part code for client of ACS 3.1, needs CD-ROM for re-installation prior to considering upgrade.

Is their a command that will bypass the aaa authorization from a particular host? I would like to use something like the aaa mac-exempt command, but have it only exempt on the authorization part. Background: i have a firewall management station that ...

Pix 7.2.0 doesn't have "inspect esmtp" line added. But, authentication when sending a mail from wan doesn't work (mail server is in DMZ). When you try it from LAN - it works without problems.Is it possible that pix block smtp authentication from WAN ...

Hi, I've defined ACS groups "Wireless" and "VPN". I created the same groups in active directory and mapped them accordingly on ACS.Therefore on ACS, "Group Setup", the drop down box lists 3 ACS groups:"0:Default""1:Wireless""2:VPN"At this point shoul...