Network Access Control

Clients unable to Authenticate using Win2K Domain after 3080 upgraded to 3.6.1Message in log:216 09/02/2002 20:42:07.530 SEV=4 IKEDBG/ 65 RPT=3 144.137.98.128Group [networks] User [CENTRAL\dmallyon]IKE TM V6 FSM error history (struct &0x9a0b354)<stat...

The Cisco VPN 5000 series concentrator running firmware versions 6.0.21.0002 and 5.2.23.003 (and prior) sends the user's password in plain text to the RADIUS server in PAP authentication validation retry request packets. Attackers sniffing the networ...

I have set up a VPN 3002 in Network Extension mode connecting to a central VPN 3015 and I discovered that the Framed-IP-Address RADIUS attribute in the RADIUS configuration for the VPN3002 user had to be set to the subnet used on the private network....

Can anyone give me the TCPIP port numbers windows 2000 uses to authenticate to the domain controller? We have opened DNS, DOMAIN, SSL and NETBIOS-NS and NETBIOS-DGM. We cannot get the Win2k web servers to authenticate between the DMX and the Inside ...

Is there any way I can prevent certain domain users from accessing the vpn concentrator while allowing others (assuming they get there hands on the client software)?For example, with our old RRAS solution, we could go into Active Directory Users and ...

Hi,I'm using Easy ACS 2.4 to authenticate users of PPP sessions on a non-Cisco RAS.I want to fix a maximum session time to the users using Easy ACS (specific for each user).Can it be done with it ?Thanks in advance.Fethi

I have setup ACS v3.0 on a Win2000 Server with SP3. Scanning shows that tcp ports 445 & 2001 are opened on the server. Any one has a clue what the two ports are for? Thanks.

Can you use the Websense manual authentication feature so that the user is prompted for username and password, when an http request is generated? Currently, AAA - ACS 3.0 is used for authentication outbound and I would like to get away from all of th...

Hello,I have a PIX 515 running PIX IOS 6.2.1 and a Steel Belted radius server. I want to restrict acces from VPN clients (using Cisco VPN client 3.1) to the internal network. For that I configured the users in Steel Belted with a profile stating 'acl...

Problem with ACS Radius user authentication. When the test utility RADTEST.EXE is run on the server I get the following error message "TIMEOUT: SERVER TOO BUSY". User logn fails from the 2514 NAS with error "CS PASSWORD INVALID". displayed in the fa...

I need to exclude a monitoring software user name from the "aaa accounting commands" config. However, I have not found a way to do this. Does anyone know how I might be able to exclude users on the IOS end and not the server end?thanks,Geoff

Hello,I've a 3620 configured with AAA authentication for outbound Profile on ACS 3.0.I use dialer AAA with a ip route witch redirects to an dialer interface with the name of the outbound profile. When the 3620 trys to connect to the remote router wit...

Dear All,Here is my test result regarding group delimiter:Settings as follow:1. Checked "enable group lookup" at System->General->Authentication Group delimiter "@" selected.2. Checked "Strip Realm" at Groups-> General setting (group name is testg...

Is there anyway to configure PPTP to work without local authentication?

Hello,Do you know some problem with double authentication in chap with Zyxel router.thank you.