Network Access Control

PIX 6.3.3ACS 3.2PIX VPN users (Internet users, not LAN-to-LAN- users)are, until now, authenticated only via the VPNGROUP and associated preshared password;Now, we want to authenticate these VPN users thru AAA and the ACS 3.2;To do so, we coded the us...

I have noticed that failed attempt logs for our pix in CSACS 4.2 shows the pix's own ip address as the callerid of the failed attempt. This makes it difficult to track failed attempts back to the originating device.Is there a way to have the pix send...

Hi,The requirement is to intergrate Pix firewall withCisco Tacacs server. We need to do authentication as well as authorization.The issue is that in case the TACACS is not responding or/fails , we are not able get to the Pix even through colsole as i...

my 2501 router's IOS version is 11.11and vty can pass auth.the config is:aaa new-modelaaa authentication login huateng radiusaaa authentication ppp huateng if-needed radiusip radius source-interface Ethernet0interface Async1 ip unnumbered Ethernet0 i...

My problem is similar to others as far as I can successfully make a vpn connection to my PIX firewall. Once connected, I can not access any network resources. The differnece is that I am going through a CISCO 2514 router. This is a test lab that I ha...

Im working on a http autentication from the outside network (Internet)on my PIX IOS 6.31.The extended autentication is with RSA RADIUS platform.All works fine but when the token goes on the "next token code" after bad password,the RSA server pop-upto...

We are having problems with our Cisco Router 831 all the time. If the router works, the Microsoft certificate authority does, and vice versa. I am tired of the constant troubleshooting I have to do and I want to get rid of the certificate authenticat...

Got a AS5350 here not allocating IP Addresses from the ACS server (v3.2.2) Radius Athentication succeeds, but no IP addresses get asigned.config has:aaa authorization network default group radiusOn the group async 0 interface no peer default ip addre...

Can anyonbe help me with this...on a cisco router you can configure it to attempt to authenticate against the ACS server, and fail over to the local password.I want to set up the same on a PIX firewall, but can find no way to get it to use a local pa...

Hi.I'm using the TCL example for IVR application from Cisco. I'm doing a ver simple test, i'm trying to send a new AV-pairs in a authorize RADIUS message. I had followed all the steps in the TCL 2.0 Script Command Reference, but i'm unable to attach ...

Is it possible to set a single enable password for all clients that authenticate through the ACS.Instead of setting an enable password on a per user basis I would like to set it in a single global place once that will then be used by all clients adde...

I used the set password command in a wrong way and cant login anymore.Catalyst 6000 #version 5.5(1)I just pasted this into my telnet window:Cat6k> (enable) set password <mynewpass>Usage: set passwordCat6k> (enable) set enablepass <mynewenablepass>Usa...

We have CiscoSecure ACS 3.2.We have now developed a strange problem with certain usernames. They appear as normal usernames in the list, but don't authenticate. If you click on them instead of showing the existing user's properties, it appears as if ...

Hi:I want to use authentication and authorization with an aaa server, It ís working ok but I have a doubt.Can I use at the same time authentication and authorization with local username as a backup ? I think in case of my aaa server failure.Thank you...