Network Access Control

Hello all, I am referring to the PIX 6.3 command reference guide for the command "aaa authentication". As per this document, there is no option like 'inbound' or 'outbound' in this command. But the examples under these command show these keywords. I ...

I have a VPN concentrator as well as Pix firewalls. Radius Accounting works well with the Concentrator, but not with the Pix. The Concentrator is sending unique session ID, Acct-Unique-Session-Id to the radius server. The Pix sends different Acct-Uni...

I want to make a setup where the people in the helpdesk are able to manage the configuration on fastethernet ports, but they are not allow to modify the gigabit ports. When using the CLI I can restrict the users, but when they are using CMS. In short...

hi,i would like to configure acs to athenticate the ssh access to the pix firewall using active directory( windows 2003)is it possible?how to do it?thanks.

I need some help with uauth usage. How to prevent from unauthorized access if someone is using proxy. For example user A need to access page A and is authorized to do this. user A goes throught proxy server. When user A is out of office (still logged...

Hello DearI am using ACS 3.1 for windows server. i wounder how i can log / record all commands executed by engineers on cisco devices during their telnet sessions. I can sucessfully permit/deny for particular command.Thanks

I am looking for a best practise with the following scenario:2 ACS Servers in 2 separate locations, each providing mutual backup to each other - i.e. all devices/users in Site X point to local ACS Server X 1st and remote ACS Server Y 2nd. In Site Y ...

I have an ACS 3.0 server with 200 user groups and around 100 NAS groups. There is some NT domain mappings configured.I'm installing a new Windows 2000 server with ACS 3.3. What's the best way to get the configs from the old one to the new one?Will ...

Has anyone managed to get proxy authentication to work correctly for HTTP when the port is redirected to another port. I have changed the basic fixup to include the new port and the authentication traffic acl uses this port but the PIX does not seem ...

Hi all,How do I tied diff Active Directory domain groups to diff ACS defined groups? Each domain group will be tied to an ACS defined group with a diff vlan. I read about the option in help but don't see the option to actually do it.using ACS 3.3.J...

Hi all,We are currently using ACS server 2.6 for wireless only, authentication is Radius.I need to log the failed logins on the router thru ACS server, can anyone help me with configuration on the router and what is to be done on the ACS server , i ...

Im using Tacacs Athenticacion with the CatOS 5.3(5a)CSX. When i logged to the Switch i can't access the enable mode.

I have a 3754 running AAA @ IOS 12.3.9. Whenever a user telnets or dials in and enters a blank username (by simply hitting a return/enter one too many times by habit), the connection is immediately dropped. This was not the behavior in earlier vers...

Basic config issue is :1) User Account is added to ACS 3.32) User Account is added to Group with correct Privilege Levels3) User Password Authentication: is listed as "Windows Database" 4) TACACS+ Enable Control: is set to user group settings5) And T...