Network Access Control

We recently purchased 2 new servers to replace our older ACS servers. The new servers are running Windows 2003 SP1 and we purchased ACS 3.3.2 for these 2 servers.Primarly they are authenticating for Dial-In clients through AS5300s. The servers are se...

ACS 4.0 for windowsIssue:Authentication getting failed for external database (windows AD) user. Error:Getting authentication failure code as: ?Internal error?Cisco.com Document says ?authentication not processed for error code 4Following are the step...

Hi,i was going through the Trust & identity management solution and i stopped when i read the IBNS is important for the 802.1x.i really didn't understand the function of the IBNS coz i know that Cisco ACS works fine with 802.1x and can take care of t...

Pls, does anybody know how to configure exec and privilege level command authorization based on local user database.I tried that, but I haven't done it yet.pls., write me a short step-by-step procedure.Here is commands which I have configured. Someth...

My customer has a Cisco ACS Server for Windows V3.3.x and operates a Windows NT4 Multi-Domain Environment.According to the Remote-Agent prereqs it does only support the Cisco Secure ACS Solution Engine. What options do I have implementing 802.1x with...

I have enabled TACACS and it is using different interfaces to connect to the tacacs server, can I force loopback interface to use for tacacs, if so what command I would use.Thanks.

On ACS 3.3, I go to main menu, I choose "Interface Configuration".I make sure that "IETF RADIUS Attributes" is selected.Then I refresh the browser, I go to "Group Setup".On the top of the page, I attempt to pick "RADIUS" configuration. However it doe...

Hi,any one knows what are the exact mapping within passed report field and the RADIUS attrib number?I need to know what is the real RADIUS attrib that could be displayed on passed report.ThanksJuan.

Hi,Im trying dot1x with critical authentication plus MAC authentication bypass,on Cat2960 with SEE2.Its onfigration is the following;aaa new-modelaaa authentication login cisco localaaa authentication dot1x default group radiusaaa authorization netwo...

I just want to implement 802.1x authentication, to dynamically assign into differente vlans, can you help me how it should be done? What is the best method? I see the PEAP is much more complex. Initially I'm thinking about Mac-Address based, so that ...

On ACS 3.3, I need to allow members of the Active Directory Windows group named "VPNUsers" and "WirelessUsers" access "Cisco VPN Concentrator" and Wireless, respectively.I do the following:On ACS, I click "External User Databases".I click the "Databa...

New ACS SE running 4.0 working fine for Network Engineers to access switches, etc with privilege 15. Now trying to configure Help Desk with limited commands. I can get the HD id to take the privilege level ACS assigns but can not seem to get the Comm...

HI all - Quick questions that will be easy for all you experts. I am using Juniper Steel-belted Radius for Remote Access Authenticaion off of our Concentrator right now. I want to start deploying 802.1x for vlan assignment and login authentication fo...

Hi,I have ACS Appliance Release 3.3(3) Build 11.Everything works fine, except in the TACACS+ Accounting and TACACS+ Administration, in the Report menu.When I try to click on the next page, it says "Page not found".The other reports work fine.Is there...