Network Access Control

HiI've got one ACS 4.0(1) server which we upgraded from 3.3 and one ACS 4.0(1) server running the 90 day trial version. The server which was upgraded from 3.3 to 4.0(1) is the master server with all the user accounts etc and I'm trying to get it to ...

I add "Testuser" to my active directory security group "DomanWireless" and I see on ACS the respective user is mapped accordingly and get authenticated as "Group Name=ACSWireless".If I remove the user from "ACSWireless", user defaults to "Default" gr...

I am currently experiencing an "unintentional" denial of service attack causing my ACS server to stop working due to high processing because of a lot of PEAP login attempts from PC Clients with corrupted certificates or any other problems. The quest...

Hi! Good day! I urgently need help on how to configure aaa on a router to send accounting start stop attributes to multiple servers simultaneously.Thanks and Regards,Albert

Hi,in order to use TACACS+ login on our new ACE service modules we changed our ACS group settings for admins:beforeShell (exec) - checkedPrivilege level - checked: 15afterwards:Shell (exec) - checkedPrivilege level - checked: 15Custom attributes - ...

Looking for Part code for client of ACS 3.1, needs CD-ROM for re-installation prior to considering upgrade.

Is their a command that will bypass the aaa authorization from a particular host? I would like to use something like the aaa mac-exempt command, but have it only exempt on the authorization part. Background: i have a firewall management station that ...

Pix 7.2.0 doesn't have "inspect esmtp" line added. But, authentication when sending a mail from wan doesn't work (mail server is in DMZ). When you try it from LAN - it works without problems.Is it possible that pix block smtp authentication from WAN ...

Hi, I've defined ACS groups "Wireless" and "VPN". I created the same groups in active directory and mapped them accordingly on ACS.Therefore on ACS, "Group Setup", the drop down box lists 3 ACS groups:"0:Default""1:Wireless""2:VPN"At this point shoul...

Hi,I have a situation where I have 2 groups in ACS called wireless and VPN. I have successfully mapped these to 2 AD groups called the same. My requirement now is to restrict the wireless users so that they can only authenticate through an access p...

I there !!1I have a network that uses MS IAS for Radius auth in a wireless network. I'd like to setup 802.1x in all the switchs we have. The auth thing is simple (I hope). I've Found information on assigning user to a Vlan thru a radius response, but...

Hi all,I have configured my remote switch with the following AAA local authentication configuration.no enable secret no username hotel no aaa new-modelusername s1umb3r password p3ac3fullyenable secret tryt0h@ckth!S!s1umb3raaa new-modelexitwrAfter I h...

Hello,Which Protocol do I need to use, for providing dynamic VLAN to my desktop machines?As in ACS 4.0 if I use local database of ACS then users successfully get the dynamic VLAN & as soon I use AD database while integration it with ACS ,the authenti...

I am trying to configure local AAA feature in IOS ( 3640 router - WITHOUT using external AAA server auch as Cisco ACS) to define per-user authorization and to addign atrributes such as IP addr and ACL etc bind to a particular username.Is there any sa...