Network Access Control

Hi ThereI have just successfully upgraded my ACS3.2(2) to v3.3 retaining the original configuration db. Although both the ACS and ACE applications work fine individually, the ACS is not passing the user login request to the ACE server (as per the con...

Hello,we are using a C3745 with 2 E1 PRI-Interfaces andan ACS 3.2 for Radius authentication and accountingfor our dialout connects via ISDN.We are searching for a possibility to account alsothe src IP of the host which is responsible for thesetup of ...

I have a Cisco AP1200, I want admin access to be authenticated via Tacacs+ and wireless users to be authenticated be Radius. However I cannot seem to set the ACS 3.2 to accept both types of authentication for one device, either one or the other. I ha...

Greetings, Been trying to get RADIUS working on our network. All Cisco devices running 12.1(13)EA1a or 12.2(20)EW.Config - aaa new-modelaaa authentication login default local group radiusaaa authorization network default group radiusThe server is a...

I am incredibly frustrated by what should be an easy task. I have an ACS 3.2, and want to use PEAP for wireless client authentication, but have gotten nowhere despite:1. Purchasing a "WLAN" certificate from Verisign (installed in IE, untouchable in ...

I have a ACS3.2 (appliance) in my environment, would like to find out is there a free upgrade entitlement for the 1st upgrade?

Hello,how can I change the speed of the Serial Consoleof an ACS Appliance. The Docu states that the speedhas to be 115200, but my Terminal Server does not support this, so I want to configure this value.Does anybody know if this is possible, and how ...

hi,I want to find the IP adress of an unknown user, because he/she trying to make a connection a lot of times, and this is making my log file bigger.is anybody know the answer?thanks

Hi,I would like to authorize only certain configuration commands by the Tacacs Server, so in the group setup of ACS, I have checked : command, I have written in the field : configure, and declared as arguments : permit terminal and permit snmp-server...

Im having a small problem with my ACS server.All authentication is working fine, but when i goto "Reports" and check the logged in users, there are none. Also, I know that users are on the Wireless Network. When we had our VxWorks enviorment, the ACS...

I'm running ACS 3.3. I have a bunch of Catalyst 3550 and 3560 switches, some running IOS 12.1(19)EA1c and others running IOS 12.2(20)SE1.All are configured for TACACS+ as follows:aaa new-modelaaa authentication login default group tacacs+ lineaaa aut...

My original goal is to have some ability of user management with our wireless authentication. Currently, we go through the local database on ACS, but we cannot manage these users to any great extent. My plan is to set up a test network where I am u...

Certain users who log into our 2950 switches login with privilege level 3 access and are only allowed to do the below. I want to remove the privilege statements from the router and have the command authorization component of our ACS (TACACS+) to set ...

Is it possible in ACS 3.0 to limit a user groups access to a specific network device group only? I need to set up several local administrator user groups with corresponding network device groups. User group "A" should have access to network device g...

I am modifying a TCL 2.0 script and I am trying to issue a "aaa authorize" command that will include the DNIS (Called-station-id). The Cisco sends the authorize request but it doesnt have the DNIS in it. It does have Calling-station-id and other AVs....