Network Access Control

Is there a way to us the Microsoft AD OU groups instead of using the old NT groups to dynamically mapping users to the ACS groups? We are using ACS server at vers 3.2 as well as some test server on 3.3.

2 x ACS (Version Release 3.3(2) Build 2, on win2003 standard Server)in a wired 802.1X environment. CatOS 8.4(8)GLX.WS-C2980G-AConfiguration:#radius set radius server 10.201.66.100 auth-port 1812 set radius server 10.201.34.39 auth-port 1812 primarys...

why does my cisco3640 router(ios version 12.1(3)) have no commands like "ip auth-proxy xxx"? thanks for any help!!!

Hi What is the best upgrade solution here? we will be running the new database on new hardware.Will we have to upgrade the old system to an intermediate version(s) and export somehow or is there a way to export directly?All relevant advice appreciate...

Hello,We have multiple sites, with multiple APs (1100 & 1200's mostly). We would like to be able to restrict RADIUS users to specific sites or even specific AP's within a site. Each site has it's own unique subnet (ie: site 1 is 10.100.1.0/24 and sit...

Hello,I posted theis in the General Security forum bit got no answers so please pardon the repeat if you subscrib to bothI have a client with a hub and spoke design with the remote offices coming in over a frame relay. All WAN traffic hits a 3640 at...

I have setup my LDAP database configuration with the following attributes in the fields:User Directory Subtree=OU=7612,DC=1,DC=2Group Directory Subtree=OU=7612,DC=1,DC=2UserOjectType=subtreeUserObjectClass=subtreeGroupObjectType=dnGroupObjectClass=to...

We are deploying a Cisco Secure ACS 3.3 windows appliance and have successfully setup remote logging to a windows 2003 server. However, it appears that the administration audit.csv cannot be remote logged. Is this true? Or is there a method to set...

Hi I've working a freeradius server and AP1200 with EAP-TLS authentication.I'm trying to configure accounting in my AP1200 for EAP-TLS users, but my AP doesn't send any acct packet to my radius server when a wireless user connects. I've tried all opt...

i want to set up UCP,ive purchase ACS solution engine 1112 ver3.3 I guess the UCP comes preinstalled ......what are the steps to get UCP working i want users to be able to change their passwords I dont want to use password aging as it dosent work wit...

For the life of me, i cannot get my users to be able to create & edit subinterfaces using privilege levelsThis is my current privilege setupprivilege ip-vrf level 7 rdprivilege vpdn-group level 7 descriptionprivilege interface level 7 pvcprivilege in...

I have a multipurpose Radius server that already manages one Realm. I'd like to add another Realm for Administrators so that Administrators can use it for authentication on the routers. Currently, both Realms can authenticate on the router. How do I ...

We're using the VPN 3000 client, v3.5. When we tell the 3000 server to use SecurID authentication it works fine. If we switch to using RADIUS authentication, a lot of users cannot connect.The user never sees the "Username/Password" box and from the l...

Hello ACS 3.3.2 has a mapping to a 2003 MS AD domain member machine. The users are all in the AD. Now when a valid user but with a wrong password tries to login, then the failure is just seen in the 2003 MS security event log and not in the ACS faile...

I am unable to logon to any CatOS devices via ACS, using AD userids. I am able to logon to IOS devices with the AD userids. I was able to logon to CatOS previously (for the last year) with the AD userids. I am not sure what changed. I created loc...