Network Access Control

cisco IOS/PIX RADIUS Attributes 009\001unable to pass ip:route=x.y.z.0 255.255.255.0but can pass ip:dns-servers=s.t.u.v w.x.y.z tried using , as a de-limiter but makes no difference cannot pass ip:route= by itselfWho knows what I'm missing ?All cont...

We are using an ACS to authenticate external users logging into a Juniper Neoteris SSL server. Authentication works OK, but password aging does not. Looking through the documentation it refers to using an external Windows database, but I dont want ...

Has anybody got a working CSV file as below that they can send me so I can get the idea of exactly the format.RDBMS synchronization import definitions are a listing of the action codes allowable in an accountActions file. The RDBMS Synchronization f...

Hi,I've a 3550 with an Ias 2003 and a Windows XP.On the same PC, authentication PEAP is ok with the first user, when i do a new authenticiation with an other user, the informations used for the authentication are the informations of the first user....

Hi,I am trying to set up one time enable authentication using Safeword version 3.1.1 and Cisco Secure ACS v. 3.2.So far I have configured the unknown user database to use the safeword server as an authentication database. Within ACS I have mapped a g...

Hi,My Cisco Secure ACS use RSA SecurID server as external database. My RSA SecurID server got a "authentication attack" message during Cisco Secure ACS server sent the authentication request to RSA SecurID server, I have asked RSA tech support, the r...

Is there any tool to Migrate from Cisco ACS for Unix to Cisco ACS for Windows.I have seen few documents discussing about this migration tools.Has Anybody used this tool, if so please let me know where to find this tool and procedure to use.thanks,mur...

We have a Cisco ACS server V 3.0 running on Windows 2000 SP2. We plan to upgrade the same to Cisco ACS 3.2.3 running on WIndows 2003. The direct upgrade path for Cisco ACS 3.2.3 as per the Release Notes is from 3.1.2, 3.2.1 and 3.2.2.Can someone prov...

Hi,first: the above msg is not found anywhere on cisco.com, not even on the error message decoder.We have routers configured to use aaa and tacacs+ to give administrators access to the exec. Tacacs+ server is CSACS (two servers). The servers are reac...

unable to get tacacs working on a 2500. Tried several different ways to configure it. but I believe I am not doing something correctly between the AAA commands and the vty 0 4 line. It normally looks for a tacacs server (hesitates) but then goes to...

On an IOS router, I can log the commands a user enters to a TACACS server with:aaa accounting commands 15 default start-stop group OSFMC These commands are logged to ACS and can be recorded...Can I do the same thing with PixOS?

Hello there,I'm having this awkward problem with IOS 6.3.3 while using AAA authentication. Because the authentication sends an HTTP page asking for userid and password in SSL. I get a popup stating that my SSL certificate does not match the web site ...

Hello, I want to connect to VPN 3000, groups are configured on ACS server and users are stored on a LDAP server. I want to assign IP to VPN client from the VPN 3000 but I want a different IP pool for each group configured on ACS. On ACS, I don't know...

I have problem to make aaa authorization work with the acs server for test purpose.Here is the router configaaa new-model!!aaa group server tacacs+ cisco server x.x.x.xaaa authentication login default group tacacs+ localaaa authorization commands 15 ...