Network Access Control

Hello..I am using the ACS v2.6 in Windows2000.I want to limit the user session in ACS..All user can login to Router in one session at a time.I tried to set it in user setup, but it didn't work.I really want to know how to setting it...

There are two RADIUS servers - Cisco ACS and some freeradius. Both servers are proxy servers for each other - we have on our distribution table their RADIUS as proxy, and they have ours. Problem - we can authenticate to their RADIUS with their userna...

Hi gurus,Please help:acs (net172.16.1.12)---PIX(10.0.20.1/28)-----(10.0.20.32/28)PIX----NASRouter (Fa0/0 192.168.0.1)--Dial-in User. NOTE: --Between PIX there has 2 network coz go throughservice provider --The Fa0/0 has being NAT-ed to 10.0.20.46. --...

I'm trying to use ACS 2.6 and ACS 3.2 as a radius server to for my Msft win-xp client to do authentication before it brings up its pptp client.To that end, on ACS, I enable the attributes:MS-CHAP-MPPE-Keys (N/A)MS-CHAP-MPPE-Types (128 bit)MS-MPPE-Re...

Hello,I have a LNS configured to send start and stop accounting messages to the Radius server.It seems some stop messages aren't received by the server.Is there a retransmission timer for the accounting stop messages ?Thanks

Which is the behaviour of a LNS in such a situation :A Radius server sends an access-accept with an IP address which is already linked to a PPP session.Does the LNS maintain the PPP session and refuse the creation of a new one, or does it react by de...

Hi,I have installed a ACS 2.6 server which has joined domain. Local accounts are created in ACS and their password is using domain password. Beside switches, I have also defined LMS as one of the device on ACS, authenticating via TACACS+.I would like...

Anyone have an ini file which adds the packeteer attributes to an acs 3.2 server. I'm having problems with the "=" in the VSA. I'll keep trying but if someone has already done this please send it over.Does Cisco have a site that might already have ...

Our VPN 3030 Concentrator is sitting in the DMZ zone of our firewall. The ACS is sitting behind the firewall inside our LAN. Our mobile users are authenticated through the ACS server when they wants to establish a VPN connection to our network. Curre...

I need to have several sets of NAS devices configured as both TACACS and Radius clients in ACS.How can I get this done?

Out of nowhere, my VPN 3000 has started deleting connections for a couple of accounts as soon as they authenticate. I type in the user name and password; it authenticates, negotiates security policies, and then says "Not Connected". I turned on full ...

Dear support,My PIX asks AAA for HTTP traffic. The timeout are set up as 1hour for absolute and 20 minutes for inactivity.Everything was working correctly in PIX 6.2(2).I've upgraded the pix to 6.3(3). Now, an authentication request is asking at each...

I have on the main site Cisco Secure running and in the remote sites i'm configuring AAA. However i'm not interested on authenticate users to work with the router. What i Need is to authenticate the users to restrict or permit Internet Acceess. How c...

Is there a way to allow a particular user to login to a network by means of a predefined path? For example: User A is logging in via a WLAN and has a security profile A. Let's say that user A has very strong security needs. User B wants to use ISDN o...

Is there a configuration to have a backup authentication for the enable mode for the PIX 501. I currently have a 501 configured to authenticate to a AAA server, but want to have a backup like a local authentication, in case the connection is lost, an...