Network Access Control

I need to allow some users to set the port vlan but restricting them to create the vlan. This is what I want to achieve..set vlan <All Vlan> <All modules>/<All ports>currently, I am permitting (permit vlan *) as a temp solution for them to do their j...

Hi allWe setup TACACS+ authentication by following this link http://www.cisco.com/en/US/tech/tk59/technologies_tech_note09186a00800946a3.shtml .We noticed there are some authentication failures among couple hundred success. From the TACACS+ log file ...

Hi,I use Cisco Secure version 3.2 on windows 2000I just had a new custom VSA Radius with the utility CSUtil.exeFist i create the file myvsa.ini, this is for a SONET optical Nortel equipement, here it is:[User Defined Vendor]Name=OM3000IETF Code=56...

Hi,I have an IBM server running AIX 5.2 and I have a Cisco Secure ACS solution whitch protect access to the Cisco equipements(router, PIX and Switches ).Today I want to protect access to the IBM Server.Is is possible?and how can I do this? Thanks in ...

I have several Catalyst 3750 switches that I'm running Tacacs on. I set the switch up to be an http server so that some of our admins could administer the switches through the web gui. Is it possible to login to the web console via your Tacacs logi...

I have AAA running on my router and I can authenticate/authorize using the ACS server. I wanted test my config so I turned off the ACS server and tried logging in using the local username and password, I authenticate fine but then I get %Auth...

How to map this command from IOS to FWSM ?I want user when login and authenticated, it right way go direct to exec mode. No problem at IOS but , not sure how to configure it on FWSM or PIX Firewall.aaa authentication enable default enable noneaaa aut...

Hi,When I create user call peapuser in ACS, I have the option to use password authentication under windows database or cisco secure database.Let say if I choose to use windows database, does it mean I can use password aging and allow user to change p...

What are the steps to allow credientals to pass to another router, Example. I telnet to router a, I then need to telnet to router b, is it possible to not authenticate again ?

I have tacacs+ running on my routers and everything is okay there is one thing when I authenticate through the AAA server with my user name and password I then have to turn around and put in an enable password. I want to ditch the enable password so ...

I need to unload all of the users in out ACS 3.3 CSDB (local ACS database) and reload them due to issues. I can get the export working to get the username/group number information, but I can't see how to export the supplementary user information (Re...

HiI have some nortel lan switches that I want everyone who telnets to, to be authenticated using acs.The acs server show the logon passes but the telnet session states it was unsucessful.Does anyone have a config guide on how to set this up ???

Hello,I can't seem to find the commands to do what I need. I have a 6509 running 7.5.1 Cat OS. I want the Radius server to authenticate and authorize privilege based on the user database in Radius. Could someone point me to the set commands to do ...

I'm wondering if it's possible to assign a privilege level for a PIX user via ACS?For routers it works fine. But since the PIX supports only command authoriztion, I'm not sure how to do it, i.e. assign privilege level 2 for user helpdesk.Is it also p...