Network Access Control

We are using ASA5510 as our VPN gateway and MS IAS 2003 for RADIUS & AAA. Using Cisco VPN client it is not able to authnticate. I get the following error in Event Viewer:Policy-Name = Dialup Group Authentication-Type = PAP EAP-Type = <undetermined> ...

Hello - I have a remote site connected via VPN, and I have AAA authentication to the network equipment at the location. Is there anyway to designata a specific ip address on the device that is handling the VPN tunneling? Only the private ips on the...

Hi Everyone,Does anybody know if Steel Belt Radius would be able to authenticate both the telnet and enable passwords for RADIUS authentication?I have tried IAS, but apparently IAS does not have any understanding of the enable password and therefore ...

I'm trying to set ACS 4.0 up to validate posture via an external validation server, namely Symantec 10 AV. I have searched high and low and cannot find what to use for the URL for the AV server. Has anyone else successfully done this? I am also tr...

I am trying to get a new 2960g to work with tacacs. After adding to the tacacs server and restarting the services I still do not get prompted for user name. What gives?aaa new-modelaaa authentication login default group tacacs+ enableaaa authenticati...

I did see a Cisco Access Control Security: AAA Administration Services from Cisco press without good reviews. Does anybody know of a good reference guide for ACS 3.3.3 or v 4?

Hi,I am trying to get a dialup config to work that uses virtual profiles by virtual template and AAA configuration. When I follow the Config guides (12.2 in my case) I am told to use the command virtual-profile aaa. This command does not seem to exis...

I have setup our AUX ports on our routers so that it uses a local username and password for authentication and authorization, instead of the TACACS that the other lines use. It works ok, but it still prompts me to enter an enable password to get into...

Hi there,message description says it all, really. Is there a way to prompt users who wish web access for a username and password from a local authentication database stored on the PIX? I am aware that this can be done using aaa to a RADIUS or TACACS+...

Hi,I'd like to be able run aaa on the secure part of my network, and I came across an article on Local AAA server (IOS Security Confiruration Guide, Release 12.4) that say I should be able to do just that..I have a 2600 with c2600-ipbasek9-mz.124-8I ...

Ihave two queries , when APSEC AH Protocol used IP Packet is expanded/added during simole VPN session two modesHow much Ip Packet is expanded/added1. IP Packet expanded in transport mode2. IP Packet expanded in tunnel mode

Dear Alli have Cisco Secure ACS solution engine with v3.3, and i want to add external database to it ( Active directory ) i tryed many way and i follow the Dc but unfortunaly it didnt adddany body could help me step by step and he port i ahve to conf...

When ISAKMP begins in ike phase 1 to look for an ISAKMP policy that is same on both peers. I have two queries1. Which peer will send all their policies to match?2. Which peer will try to find a match? calling peer,called peer, in both cases