Network Access Control

Hi,I am using radius to authenticate user who connect to LAN but always fail...here is the error in ACS report "external DB account restriction" can anyone help me to resolve ?Many thanks...Sholeh

After the successful installation of the Cisco AR 4.1, we were able to verify open authentication using the "radclient". But when we started to configure AR with EAP-TTLS, we noticed that the only fields appearing under "eap-ttls-service" are Name = ...

Using this configuration to radius control console and telnet access :aaa authentication login default group Sts-radius localaaa authorization exec default group Sts-radius local aaa accounting exec default start-stop group Sts-radiusIn wlse I've con...

hi i am having problem with command authorisation with acs. i am having a full version of acs 3.3i have configured my router like this.R1aaa new-modelaaa authentication login default noneaaa authentication login john default group tacacs+aaa authoriz...

i am through with shell command authorisation with acs . i didn't get much help out here from this forum abt acs.if anybosy has doubts abt it feel free to ask i can send u the router configs , acs screenshots and explaination also if required. see ya...

I want to define a user/group that has the ability to connect to a VPN, but not via the CLI or any other method.Currently my VPN users can also log in via the CLI on my routers. They don't have enable access of course, but I would like to prevent the...

Hello All,I was wondering if there was a way to get a VPN tunnel that terminates on a Cisco router to authenticate against a Windows 2003 domain without using a RADIUS server or something of the sort. I would like to be able have the router Authenti...

A very intresting problem. I have a TACACS ver 3.2 system in place. I currently am able to authenticate agains it with no problem using SSH & Telnet. However, as soon as I try to use http, the authentication is never succesful (I get prompted for ...

I have authenticated cisco works with ACS as cwadmin. I am not able to view the device added through tacacs+ authentication. But the device is searchable through ip address in chasis view and am able to configure it. Please suggest a method to view t...

Trying to set up to do batch uploads of network devices and Users. I've created a small test accountactions.csv file and placed it on an FTP server.When we try to get ACS to pull this file we get this error in the report "No import CSV file on FTP ...

hii allcan anybody guide me how to authenticate and authorize the dial-in users from acs server using windowsdatabase or soem another waythanksmanish

When prompted for user authentication, it won't accept the credentials though it is valid from the ACS database. But when the router is configured for local authentication it works. Can someone pls help

hi,I'm trying to setup a VPN solution, connecting to a 800 series router and authenticating off a Cisco ACS tacacs server.I've basically followed the suggested config at http://www.cisco.com/en/US/customer/tech/tk59/technologies_configuration_exampl...

Hi,I am researching on how to enable command authorization on a pix firewall software v6.3 through an ACS v3.3. I only have a production unit so i am very cautious on doing test configuration on the firewall. I might get locked-up and kicked in the ...

Please, helpme...I need a guide line or configuration guide for ACS 4.0 for NAC 2(layer 2) in switch.