Network Access Control

VPN3000 with AD Authentication Problems

In the past I have set up many Authentication Servers to the Concentrator using NT Authentication. In many cases we tried AD authenticaton first, only to run into problems. In the past the problem was always that new users were able to authenticate, ...

Can't hide TACACS key in the config

I have recently enable TACACS in my Cisco route/switches but when I do show run I can see the tacacs key, how do I hide it? Thanks. tacacs-server host x.x.x.x key cisco123

How to notify users that their account is lockout

Hi,We have an implementation of Cisco Secure for Windows. To log into the cisco devices the cisco device use tacacs and the cisco secure server checks against windows AD to validate user+password credntials. Now if the users fail three times in a row...

ACS Replication Error

I have 2 x version v4.0 ACS servers. Windows 2003 SP1Both servers can ping each other and are resolving hosts names using local hosts file. I have disabled the multiple nics on both servers and have a single nic connected.Replication has been confi...

VPN Authentication problems

I have recently upgraded our PIX OS 7.0(5). We are experiencing issues with remote access VPN clients. Phase 1 authentication occurs OK but the user authentication is failing on some accounts. The PIX authenticates against Active Directory.The strang...

Resolved! ACS standard reports: Need to see attrib [04] "NAS-IP-Address"

Hello,we have the following topology.NAS-->other vendor radius (proxy)-->ACS 4.0Auth works fine, but we have problems with standard reports offered by ACS.On passed auth report we need to see the original NAS IP address, attrib [04]. The third party ...

Resolved! Restricting Device groups access in ACS 4.0 SE

Can i have logging limitation configured on the groups in Cisco ACS 4.0 SEHeres what i want to achieve. There will be two groups siteA and siteBI also create 2 network device groups say NDG1 and NDG 2 Now the users in the SiteA should be able to acce...

CAR TCL Scripting

I am using Cisco Access Registrar 3.0 with an oracle database with users type A. What i need to do is : if the users exists define services type A. If the user is not in the DB then it is type B so i have to define services for this type of user.I am...

ACS 4 - Services wont start on redundant server

Hi,Last night we patched our ACS services with the latest windows updates. These ACS servers replicate their database from server 1 to 2. After the required reboot server number 2 is unable to start its ACS windows services. ACS logs are non-existent...

managing routers after a firewall using aaa

Hello,Please i would like to manage my internet routers using tacacs. However, this has not been possible cos a firewall blocks the traffic. Can anybody advice me on how to achieve this?Iso

Cisco ACS 3.3, Novell e-directory & 802.1x

Hi,Pls., can anyone help with documentations on the integration of ACS 3.3 with Novell e-directory for user authentications with 802.1X configuration on the network.

Resolved! Problem with TACACS+ (ACS) and Cat 2950

I've configured the 2950 as below and configured ACS correctly and I can login to the 2950 using this config, the problem lies after I go into enable and try any command I get the following error Command authorization failed.What have I missed out of...

ACS and AAA Help

I've just configured ACS and TACACS+ for access to our switches using our AD for authentication. It works fine.What I would like to know is firstly how can I configure ACS to only allow access to our switches if you belong in a particular AD group or...

reinstalling a new Certificate on Tacacs+

my certificate just expired for my Wireless authenticaion. I have tried to reinstall a new certificate but it will not allow me to, What are the procedures to do so. I have the PDF from CCO but It is not Clear on several areas where I am having pr...

Authenticating against RADIUS AND TACACS

G'day...Toys:Cisco Secure ACS 3.2Cisco 1242 Access PointsI want to authenticate spectralink phones via LEAP (Radius Aironet) and IT staff logging onto the CLI via TACACS+, all off the same ACS Server.The only way I have gotten this to work is to setu...

Network Access Control

Forum Posts

VPN3000 with AD Authentication Problems

Can't hide TACACS key in the config

How to notify users that their account is lockout

ACS Replication Error

VPN Authentication problems

Resolved! ACS standard reports: Need to see attrib [04] "NAS-IP-Address"

Resolved! Restricting Device groups access in ACS 4.0 SE

CAR TCL Scripting

ACS 4 - Services wont start on redundant server

managing routers after a firewall using aaa

Cisco ACS 3.3, Novell e-directory & 802.1x

Resolved! Problem with TACACS+ (ACS) and Cat 2950

ACS and AAA Help

reinstalling a new Certificate on Tacacs+

Authenticating against RADIUS AND TACACS

ISE 3.4 Posture policy for Kaspersky endpoint Security v12.x

Bulk Update Fails for customAttributes - Is it supported?

UserPrincipalName not showing in ISE Log for certain user

CISCO NAM installation by iso generated by System Center

can i USE 2 CISCO ISE posture policy in same time with 2 Anti malware

Only allow enable, show commands, no config allowed, cant make it work

Invalid Request error on GUI login - suspecting MnT Restriction issue

ISE VM Smartnet

ISE 3.5 requests for SMB Version 2 from Active Directory

SSL VPN FOrtigate with Cisco ISE Posture