Network Access Control

Does anyone have a quick answer to ACS licencing without me going through Cisco Sales ? Can we install ACS on a different machine at different location but not use it and keep it for DR purposes ? Does it void licence agreement ?Serhat

Hi.. My name is Fabio, I work on brazil like network manager. I placed Tac_plus to work on Linux, because it is needed to restrict some users accesses to routers. In the first case where users are able to give show and config commands referring "RTR"...

Hello I'm haveing problems logging exec commands with Cisco ACS server when we use our own groups instead of the default command.currently were trying to use the following commands for aaa.aaa authentication login vtyport group tacacs+ enableaaa auth...

We have Cisco ACS 3.3 is there a way to do authentication based on mac address, instead of username and password? We are looking to stop things such as user purchased access points and what not. Any info would be great.

Hello,our company uses NT Domain authentication over a radius server (Cisco ACS) for vpn authentication. There is little problem with users who belong to more than one group in the NT Domain. A user who is a member in more groups the authetication is...

I'm using a member W2K server to run ACS 3.2.I'm using ACS and Windows group mapping but my users always go into default group.Why?Thanks.Andrea.

I configured a user with the "apply password change rule". I was hoping that when telnetting into an IOS Firewall AAA client, he would be able to change his password but I get a "Chapass is currently disabled" meesage. Did I miss something ?

Certain users aren't allowed to issue the 'conf t' command on routers. When they attempt to do so they get the message 'command authorization failed.' However, in the router's buffer log the following is stated:%SYS-5-CONFIG_I: Configured from consol...

Hi,I have created 3-4 groups but kept 0:Default Group untouched.I have also created users in the other groups.However, authentication can be done only with the usernames of the people in the Default Group and not otherwise.If there any additional con...

I would like to authorize groups and users against an acs server. I am having trouble understanding what needs to be set on the concentrator and acs server.On the concentrator I have configured the acs servers globally as authorization servers. Then ...

I had a PIX501 providing "visitor" network access configured for AAA accounting match ACL "accounting permit ip any any" and in my Radius logs, received the IP address of the website the users would go to.I have since moved this network (and our "con...

1. Is there “show version” equivalent command on ACS? Where does the command reside?2. Can I delete a Group? If not, is there any way that I can reset the Group back to default setting?3. How can I upgrade from 3.2 to 3.3?

Hi,The followings are from the Yusuf bible. I think some of you had read and configured all that labs, so I really hope it's just a simple question for you.So, In Chap. 1 / Section 7.1:-------------------------------------------------"Configure two u...

Can ACS use the OU information in Microsoft AD to assign users to ACS groups similar to the NT groups? If it can what version of ACS server has this capability?Can I set up ACS to use Microsoft AD as a generic LDAP type database?Please let me know yo...

Hi, I need to provide users the ability to create/change their own passwords on an ACS Engine. I am currently running software 3.3. If this is in fact possible, how can it be achieved.