Network Access Control

Can anyone explain how the proxy for EAP-TLS is supported in CSACS?I think the SAN feild is used for the proxy distribution table but even if this is correct what about the certificate authority. Who does what in terms of certificates etc?I have to i...

I have a tacacs+ server and i need to create a group where a user can only work on the interface paramaters and deny other commands. For example i dont want the user to use "sh run" or "sh start" but can use the "sh interface" command.And also allow ...

CSAdmin service does not load. Recieved unknown windows error and nothing is written to the event viewer. Running on a windows 2000 server SP4.

We have two Data Centres with the primary ACS server in one and I am trying to install a secondary ACS server in the second one.They communicate at a TCP level but I can’t get the second ACS to replicate the first one. They are both installed on win...

What IOS version do I need to have to use 802.1x? We have version 12.0 on some of our switches and I can't seem to find the commands for it (aaa authenticaiton dot1x... )

HiWe have been using Ciscoworks to collect switch/router configurations for a number of years. Since we implemented ACS V3.3 we have been getting problems with failed logins.After looking at the failed attempt logs we see spurious logins like "q" or ...

I am testing remote logging in ACS. Is it by design that logging from all ACS appliances goes to the same files configured by the Configuration Provider? Whatever is specified in the other ACS appliances is ignored and all entries from all applianc...

Hi,I am setting up WebVPN on a 3005 concentrator. I have it working with an internal user.Is it possible to make WebVPN authenticate through a NT-Domain? Best regards Morten WiingreenBøg Madsen a/sDenmark

Hello. I have attempted to map ACS to Windows AD 2003 as an External Database. That works, but only if I authenticate using the Pre-Windows 2000 name (sometimes called the "down-level" name).If I use the Windows 2003 login name, I get a 529 error in ...

We have a wireless AP that we allowed a certain group to manage. The can authenticate just fine, but when they authenticate (via http only) I do not see that in the Tacacs+ logs on our ACS 3.3 server. If they authenticate through a command line then ...

Having some dificulties with creating the configuration file for the Tacacs4.0.4.I have my test switch authenticating and authorizing, but am not able to figure out how to get the admins group to login directly to the privileged exec mode. Also when ...

Anybody come across on an Aironet 1232 the inability to configure "aaa authorization ipmobile ........"Really strange, all our other access points (same model) have no problems at all.All help appreciated

I am trying to create per-user access lists for VPN clients connecting to 1721 router. I have set aaa authorization to access my radius server & I can see the AV-pairs being returned to the router. However, they dont seem to be getting applied. Is th...