Network Access Control

We are about to install two ACS appliances to integrate with ADS, and are trying to figure out where we want to install the remote agents. We were considering our network management servers and the domain controllers.Does anyone have input (positive...

What is the best ftp server software to use to backup Cisco ACS 3.3 for windows?

hello,i have a issue where the same command which is denied in IOS switches is allowed in catOS switches. No idea why it happens since my TACACS server(free tacacs server from cisco) denies the sh conf or sh run command for a particular userwhen a us...

We use ACS for windows 3.2 for authentication users on our router and switches. Now i want to configure AAA access to our Cisco 1100 AP's. For normal VTY (telnet) access it's no problem but de web interface witch use ip http authentication aaa the co...

When I use two tacacs-server, the tacacs dosn't take the secondary tacacs-server. When one of the tacscs servers are down, the router takes always the first.Image:c3640-ik9s-mz.124-5a.binConfig:aaa new-modelaaa authentication login default group taca...

from follow web link ,it said asa 5500 can authentication from nt server.i wonder if it need acs(aaa server) implement this function ,or not?thank you very much.http://www.cisco.com/en/US/products/ps6120/products_configuration_guide_chapter09186a0080...

HiI have NAC working using CTA 2.0. I need to configure a secondary ACS to act as a backup. Is there any configuration I need to manually set on the secondary ACS (apart from the logging and certificates) before I start synchronising the config fro...

We are phasing out External DB authentication for Novell. We would like to identify and delete all ACS users that have "Novell" as their Password Authentication type. Is this possible?I have been playing with csutil.exe and there appears to be noth...

After applying the security update rollup 1 for Service Pack 4 of Windows 2000 Server, our ACS would no longer allow authentication of our VPN or RAS clients via the Windows AD external Database. Users from the ACS database worked as expected.The Fa...

The ACS appliance talks to the AAA client on the standard Tacacs port 49 destine for port 11xxx on the AAA client. The Client then replies to the ACS appliance on that same 11xxx port destine for port 49 on the ACS appliance. Anyone know the port ra...

HI871-netgear-dslmodem--internet-HQ vp3k-IASRequirements:1. Soho user should be able to use the same ssid at home and at workBackground:1. client is windows embedded with wireless profile setup as open/wep/key automagic/peap/no server cert/ms-chapv22...

We have got an issue where our PIX unit authenticate AD users with an AAA server. The problem is that if i create a webbrowser seesion as soon as I disconnect and reboots my machine another person can log on to my machine and connect to the internet ...

Hello,I have a tricky authentication case to submit:My users are on Active Directory in two groups- VPN Users- Network adminsThe groups are mirrored (binded) in the ACS, I have a PIX configured as a VPN server. Both the VPN users and the network admi...

Hello. I have attempted to map ACS 4.0 to Windows AD 2003 as an External Database. This all works fine. The only weird thing is that ACS doesn't accept user passwords containing german special characters (such as ä,ö,ü).From the file "C:\Program File...

Is there any work-around for ACS to support windows password aging/expiring ? We are using ACS 3.3 applicance and find out user is being lockout when change password in the next log-on box is checked in Microsoft AD. We do see the box prompting for c...