Network Access Control

I've set up a second ACS server and was successfully replicated the database. But when I tried to enable PEAP Authentication under Global Authentication Setup, I get an error:"Failed to initialize PEAP or EAP-TLS authentication protocol because CA ce...

I have a C1760 with vpdn so remote users can do pptp-vpn to the branch office trough Internet.I have set-up the Ms Internet Autentication Services to act as AAA server, and the users correctly authenticate.I am now trying to see if the accounting ser...

Is it possible to use ACS to assign static IP addresses to VPN users where the external user database is AD?User <---> VPN <---> ACS <---> AD

HelloI need to get a list of users and the last time the connected from the Radius Accounting log. Does anybody know about tools that handle these logs and that can generate reports and stats?

Why the Passed authentication report empty?!! while the failed report o.k.i try to access routers with correct authentication through tacacs and the passed authentication report empty, while i try to put incorrect credential and this tries appear at ...

I have three domains, Domain A (NT 4.0) Domain B(NT 4.0) and Domain C (Active Directory). the ACS works for a Cisco Access Point (LEAP).The ACS is member of Domain C (W2000). and Domain A ans C are on the same LAN. Domain B is connected trought a 512...

ACS cannot Authenticate Aironet Users against Exernal DB (LDAP)Can anyone point me to a technical explanation of why this is true? All I have found so far is one small note in a help file and something that might be related under EAP-FAST explanation...

Is there any way to export to a file the list of users with non-encrypted passwords? I have to migrate the list of users to another Radius.Thank you in advance

Hello,I have repeatedly made the experience that when mirroring a port with 802.1x enabled, SPAN-function does not work properly. When the problem occurs (it does not each time), I seem to only get broadcast-frames, but no unicast. One time I could s...

hello, I have following configuration: Catalyst 2950G-proximity switches with IOS 12.1(19)EA1c. Cisco Secure ACS Appliance 3.2.3.11 SunONE Directory Server ldap server version 5.2_Patch_2 I am trying to setup 802.1x authentication for wired and wirel...

Dear all,802.1x can only apply access control on user level, i.e. that user can use any pc/notebooks to gain access to network.How about per device level? using MAC address control can be a choice, but it is not scalable as it increases admin overhea...

Need to use ACS3.3 for authenticating VPN3000 WebVPN clients. How can we lock a VPN3000 group used for WebVPN to a ACS3.3 group so that only members of the ACS group can signon to the 3000 site? VPN3000 and ACS3.3 communicate via Radius.

Hi all,the goal is to authenticate users logging in to a 2950 switch running IOS 12.1(22)EA2 to a MS IAS radius server.Following the configuration guide, there should be a command radius-server in global configuration mode but I think this command is...

I currently use my PIX as a VPN endpoint using Radius (Windows 2000 Server) and pre-shared keys. The possibility exists for more users to access the VPN services. I would like to do away with the pre-shared keys. Can someone point me in the right doc...

I have Acs 3.0 for windows, and i want to upgrade to higher version. What should i do, and what version i need ?