Network Access Control

Hi,we currently intend to deploy a PKI-infrastructure with several subordinate CAs in it. The PKI is made up like a tree - ROOT CA on top, subordinate CAs follow the branches. One of these subordinate CAs would be the CA for issuing EAP/TLS-certifica...

Hi all,i've configured my router's authentication and authorization in this fashion:username test privilege 15 password testaaa authentication password-prompt password:aaa authentication username-prompt login:aaa authentication login vty group radius...

Deall all,i want ask about aaa new-modelaaa authentication login line line localWhat the second line mean .. plz i appreciate any answer

I want to know when we´ll reach the password expiration date for each user defined in the ACS systemDo you know where can I find this data?I was piggybacking the file dump.txt that I get when I run the csutil -d command.The data that I´m looking for ...

Can anyone help me with a step by step example on how I could set-up a user account, so as when used accounting session to be dublicated (or forwarded) to another host? Authentication and authorisation will remain local.Thanks...

Are there any special things I need to know to perform this upgrade? Does it require a reboot? Need to know if I should schedule a block of downtime or if it is something that can be upgraded in a few minutes. thanks

Hello! I have a problem with the tacacs pre/post authorization methode.(I have a tac_plus F4.0.4.alpha.)I would like write a shell (or perl) script for the command authorization.(The autocommand works fine -- in shell script -- , but the command aut...

Hi!Does anybody know an easy way to get SENDAUTH password from RADIUS?Suppose we have ISDN line with hub router that can call several remote routers. I don't want to configure the hub with lots of "username Remote-X password Y", but still want to use...

hi guys,i would like for someone to explain to me how to get a detailed accounting report as to what changes were made to the configuration of a device.

Hi,Please can anybody provide some insight how we can replicate Sun iplanet LDAP database into a ACS server database.I will appreciate any help.

We use 6 Cisco ACSs with ver 3.2 with routers running IOS 11.1 thru 12.3. Entries are made on 1 ACS and its database is replicated to the other 5 ACSs. Routers with the same IOS ver are configured with the same AAA statements. Depending on a router's...

I want to add more attributes in accounting packet than what cisco 2509 NAS sends by default to the radius server. Can anyone show me the way how to add more accounting attributes like Acct-SessionTime and more in the accounting packet that is sent b...

Hello, trying/fighting to authenticate 802.1x eapol between a cisco 3550 emi catalyst switch and a windows xp home service pack 1, registry modified (supplicantmode=3) and the authentication doesn't work. Authentication software CISCO SECURE ACS 3.2....

Hi guys,so far I tried the online doco in 3.2 and searched through a couple of posts on this forum. I need to set Attribute 135 and 136 under RADIUS IETF. When I bring up the list of attributes to be displayed under "Interface Config", the attributes...

Can you point me to a configuration guide that would walk me through using my ACS 3.2 Appliance to be the RADIUS authenticator for WIN2K PC's? I'd like to implement 802.1x and the PCs are connected to a 3560 switch. Also if Active Directory could b...