Network Access Control

I have been assigned this task of enabling AAA for all our network equipments (switches and routers) and to use TACACS+ server. I havent had any experience in setting TACACS+ before but currently we are using RADIUS for our dialup users.aaa authentic...

My textbooks don't seem to agree on this one issue. One of my textbooks say that you have to use TACACS+ for some features like cut-through proxy or virtual http, where another says you can use RADIUS for any AAA implementation. Could someone tell me...

Hi,What magic stuff do i need todo to get"radius-server attribute 32 include-in-access-req format kn01_%h" to work in Cat3560 12.2(25)SE?(Attribute #44 works but i dont need this, only test)3560#sh run | inc radiusaaa group server radius rad_adminaaa...

I have a problem with user changing password on cisco secure ACS using the browser. when you get to the login page, and you supply the log in username and current password, it takes you to the page to change the password but only staysthere for some ...

We have set up guest internet access in our enterprise using GRE tunneling with a PIX. I'm trying to determine the best way to do authentication for users on this guest network. I think I can do RADIUS (using ACS) with the PIX as an NAS. Question is...

I am trying to allocate a primary and secondary DNS server ip address to VPN clients within the group settings. These clients are termination on a Cisco 7200 Router. I am able to allocate an ip address from the dhcp pools fine, but I am unable to get...

I have a small group of users that I want to allow access to a switch. I only want to allow them to do "show int status", "show run" and "show proc." What is the best way to set this up? Does the privlige level have to be set up on the switch or is t...

Hi all,is it possible to import Users from a Textfile to the ACS Userdatabase. I have to import 2000 MAC Adresses from a file for MAC Authentication.

Hi All,I have configured my router to use my TACACS+ server and everything is working fine, no complaints. Now I configured my CAT 2900XL to use it and it won't let me authenticate. I can, though use the local username and password I configured to ge...

Does ACS v3.0 support PEAP?

Hi all,What does "tacacs administration" option provide and what are advantages/disadvantages to enable it on router?Does "tacacs single-connection" have any advantage vs. multiconnection mode?Thanks in advance

I would like to setup 802.1x authentication on our LAN. I setup a MS IAS as a radius server on our Domain Controller (AD). I pointed my 3550 to the radius server. My question is what should I use if I want to use Windows logon credentials for auth...

We are using RADIUS IETF in ACS and EAP MD5. My switch is 2950 whith this commands:radius-server host a.b.c.dradius-server key ciscoaaa authentication dot1x default group radiusaaa authorization network default group radiusdot1x system-auth-controlin...

We use ACS and RSA to control access for RAS, VPN, and network devices. However, for ACS management login http://acsserver:2002, we use login defined in ACS administration panel. Is there anyway to login to ACS management web using external authentic...