Network Access Control

Anybody know where can I find description and format of the following ACS VoIP Acounting Fields:Date Time Calling-Station-Id Called-Station-Id Acct-Session-Time Voice Quality Call Leg Setup Time Acct-Delay-Time Gateway Identifier Co...

Have an interesting problem and was wondering if anyone else has seen the same behavior and knows of a solution...Environment:Cisco VPN 3015Cisco ACS 3.1/Win2KRSA ACE/5.1 AdvancedSecurID TokensHave set the VPN Concentrator to use TACACS+ for all admi...

Hi, I'm using ip auth-proxy feature. And it has a inactivity timeout value that you can confgure on router globally. But I want to set this value on radius per user. I tried to set idle-timeout radius attribute but it didn't affect or override the gl...

802.1x VLAN Assignment Using a RADIUS Server. In supervisor engine software releases prior to software release 7.2(2), once the 802.1x host is authenticated, it joins an NVRAM-configured VLAN. With software release 7.2(2) and later releases, after au...

HiI am trying to get CiscoSecure Authentication Agent working: Does anyone know whether it can work in my configuration.ACS 3.2 using RadiusThe NAS is a 2611 router (home gateway) running IOS 12.2The main reason for CAA is to get ACS's Password Agein...

hi all,I've read that ACS 3.2 doesn't support the upn format of a user (user@domain), it only support qualified format (domain\user).win 98, xp... are ok with domain\user but win 2000send user@domain.how authent win 2000 clients in several different ...

Problem:Want to let customer authenticate at PIX outside interface and then open up SQL port 1433 to run enterprise managerPort 1433 not accessable by anyone else unless authenticatedI'm looking for the type of functionallity that the lock and key ac...

When I try to install a certificate that I generated using Cisco ACS signing request (CSR) I am getting an error mesage."Can not find certificate with specified common name in the ACS Storage" Am I missing a step I verified the name and the path of ...

Hi, I am having a problem with this command.When I make a debug in the cisco as5200, this line gets me an idea:directed-request server xx.xx.xx.xx is not in listBut I have configure the 2 radius servers,Does anybody experiment the same problemThanks ...

Hi, I'm running two Radius clients (a C3005 and a web-server, i.e. an IETF client) and I want to restrict access of users/groups to them. The problem I have is that when I'm using 'Ip based AR', no matter what I enter (permitted/denied, All Clients o...

Any idea when a version of ACS that works with W2K SP4 will be coming out?

I have a 6509 authenticating with a Tacacs+ server, but i want that the Switch authenticates with a local username and password in the case that the Switch cannot reach the Tacacs+ Server.Can this CatOs support this feature??

We are running an MPLS network. Our customers router (CE) that connects to the PE runs RIP. We are required by some of customers to implement authentication on RIP.Our concern is what is the impact to the network when we implement it:-For example, le...

Hi,I am trying to set up some routers & switches so that users authenticate with the radius server.However I am not able to input the radius-server command to specify the host and port etc.I have entered the following:aaa new-modelaaa authentication ...

Some one modified his workstation' MAC and rebooted his machine.Then he again modified his machine's MAC to original one after he intruded into my computer. My IDS recorded his ip and MAC. How to find which house the hacker's computer was? After the ...