Network Access Control

Users use CSAC 3.2 to authenticate their sessions to diferent equipment. When user ends session it seems to be still taken at AAA, but it isn't vissible in logged-in users logs.It's necesarily to temporarily increase simultaneous session parameter to...

I am trying to setup accounting on an ACS server to log only users managing a pix that is tolog when a admin logs into a pix and what commands were performed while the user was logged in. I have Authentication and Authorization working.

Have a 5350 communications server, using Radius to authenticate, but want to set an ACL on the Cisco side (local) to limit network communiations after PPP connection to one IP addr. I've tried multiple access-list commands, but have been unable to as...

Where can I find the RADIUS dictionary with the new VSA for a VPN Concentrator sw 4.1.7?Thanks.Andrea.

I noticed this in my log this morning. Is there anyway I can find the IP address of the person trying to log into my router (1711)?001315: Feb 21 08:11:48.548 EST: SSH0: password authentication failed for test001316: Feb 21 08:11:48.548 EST: SSH0: AA...

I am trying to Log Users Managing Activity on a pix with ACS3.2. I have setup Authorization and Authentication to the ACS. But am not able to see user activity while managing the pix in accounting.

i am using cisco ACS ver 3.2.i have created 4 NDG and 4 users all in the same group.i want to restrict the users in a particular NDG only with a restriction such that the admin here would not be able to telnet to the other NDG.i have tried assigning ...

Can anyone assist with the following issue:Scenario: XP client (SP1) connecting to Dot1x port (Cisco 4507-R switch) running IOS 12.2(25)EW.1. The switch is sending an EAPOL identity request to the supplicant.2. The supplicant responds with an identit...

My question involves the order in which a PIX firewall using virtual telnet for authentication parses the authentication. When a user telnets to the virtual telnet addresses does the PIX contact the radius server first and the radius server tells the...

Hi All,I am doing a cut-through proxy feature test with my 2600 router with ios 12.3 and authenticate with acs 3.0 server but failed (I have tried radius and tacacs+) but I was successful using local authentication. The following is the debug message...

Greetings,What is the appropriate number of background process, defined by cmd:aaa processes number, that can satisfy the authentication and authorization of a 350 concurrent PPP access sessions, using a 3725, 7206 NAS and AAA engine solutions?TIA

Hi, In the 3.3 Appliance user guide appendix F6 it states that the default method for event notification is SMTP email, it goes on to say that it is possible to create scripts to enable other methods. I would like to get more information if this is p...

I am looking at using a pair of PIX 525 for firewalling and ipsec termination. The firewall will have two physical and about 8 virtual interfaces. I would like to have the pix be the termination point for ipsec traffic on two interfaces, outside and ...

Hi Everybody.I have 4 zones in my pix configured . Outside, inside, remotezone, dmz. I have my 2RAS boxes sitting on the remote zone. I need to make these boxes to send authentication request to acs sitting in the inside zone. If i say radius server ...

Is there a way to upgrade ACS 2.4 to ACS 3.3 preserving the user and group databases ?Maybe I have to follow a path like 2.4 to 2.5 to 2.6 to 3.0 to 3.3, but I don't know.A hard upgrade from 2.4 to 3.3 doesn't give the wanted results. The installing ...