Network Access Control

I'm using a VPN 3000 Concentrator with Kerberos authentication (AD). 1 user cannot authenticate, all others do just fine. When I use the test feature on the concetrator, I get "Authentication Rejected: Unspecified." Any suggestions?

Hi,how I can configure the speed and duplex on the cisco appliance CSACSE .ThanksOmar

HI,It is possible to upgrade from CS ACS 3.3 to 4.0 on ACS sOlution Engine 1111, which is EOS since end 2004???If not should I upgrade first the HW from 1111 to 1112 and then the ACS?

Hi All,Just a quick question on the 'Backup' feature of Cisco Secure ACS 4.0.What exactly does this backup. Does it only backup user and group settings, or does it include Network Access Profiles, Posture Validation settings, etc?Any help would be ap...

We are currently evaluating the MARS solution. We are also interested in migrating our current ACS deployment to the appliances to get away from very frequent windows related maintenance tasks. However, I have seen multiple times in my quick browsi...

Hi, my customer has a problem on a FWSM 2.3.3.2.He uses a script to manage his acls.access-l mode manualno access-l inside_auth_acl access-l inside_auth_acl deny <whatever_to_deny > access-l inside_auth_acl permit ip any any access-l commitAfter manu...

hello,I want to add a router with new shared-secret on acs, but acs brings error message, that this device is already learned via wildcard-shared-secret.how can I delete this wildcard-learned one from ACS DB to get it added with new shared-secret ?re...

I am just wondering if anything changed by the time this link was posted:http://www.cisco.com/en/US/partner/products/sw/secursw/ps2308/products_data_sheet0900aecd801a9de9.htmlregarding IOS support of active directory authentication for CVPN client. I...

Hello,I'm using tac_plus and want to use my own script for authorizing users, based on the NAS and based on the command a user enters.The documentation mentions fields that can be passed to a script (like user, name, port etc) and that works geat, bu...

Hi all,Currently we have username/password authentication for our dialup users using AS5300 via ISDN lines to the Cisco ACS. However, we are thinking doing CAT card authentication with a built-in reader on the keyboard and the user can swipe their C...

I have two VPN groups in VPN3030 and want to associate to the differnet domain that NT and AD in ACS. Q1) if I join the two domains(NT and AD) in the ACS external database, how choose the domain the request from VPN3030? please explain me two cases t...

I am setting up a Windows 2003 server with IAS as a RADIUS server for login authentication and 802.1x. Having trouble with policy, authentication, etc. Does anyone have a white paper with step by step configuration?Thank you

Hi,Trying to get an msfc2 set up so that authentication occurs on our ACS box.I've accomplished this on our 3745s. (Had a lot of help getting to that point on the 3745s...)IOS on 3745s is 12.3(16).IOS on msfc2 is 12.1(8b)E19.The problem seems to be ...

We are looking for a way to import (using csutil command) a text file that has username, group, beginning date and expiration date. Can this be done? Or is there a script out the that will allow us to do this?ThanksDwane

Hello,I'm using MS Certificate Server to provide certificates for authentication. The problem is, that after changing windows user password VPN client is no longer connecting. Anyone had similar problem?ThanksSeb