Network Access Control

HiI've got 2 ACS servers 1 primary and 1 secondary, both on the same version and patch level 3.0(1) Build 40. I have configured the replication on both boxes, and manually set-up the external database configuration and group mappings on both boxes. I...

Hi AllI had test successful 802.1X authtication with local DB(ACS local Database) , now my boss want to used windows 2000 DB to authtication all user , So i creat external DB on ACS Server and i think configure promptlyI can logon Catalyst 2950 cons...

We've configured the PIX515 v6.22 to authenticate user (Cisco VPN client v4.01)using Windows IAS accordingly to Cisco documentation. The issue is that the user authentication prompt does not appear. IPSec VPN can be established and access to internal...

I setup a radius server to apply aaa on routers and switches.In routers, using local privilege and work well. In switches, it just gets into exec mode. When I set radius profile, just one 6509 can become enable prompt, others fail.I checked the versi...

Hi,I've few questions on TACACS+ (ACS) and RADIUS (CAR):1. Which is the preferred communication method between TACACS+ (ACS) with OID? Is it Generic LDAP or ODBC? Basically, the TACACS+ will just forward the AAA request from NAS to the OID.2. If poss...

Hi,Does anyone know how to test the performance of ACS Appliance (ACS 3.2) ?According to the manual, the "transactions per second per number of users" is 80 RADIUS full login cycles (auth,account start,account stop) per second with 10000 users in the...

HiWe have two server RADIUS on the network.The first is the primary and the second the secondary.But a part of the trafic go to the secondary.How to configure the system if I want all the trafic go to the primary ? and how to configure the system if ...

hi,how do you enable the accounting the view/capture of this particular vsa on ACS.via a debug, i can see this attribute being sent to the radius server, but i looked for this particular att within the acs and couldn't find it. i could not find how t...

Hi !We would like to implement a redundant TACACS solution using Cisco`s Secure ACS. Do you know whether this can be done with this kind of software ?(Failover, Database synchronisation and so on... )Thx in advanceHans

We are using VPN 3.x clients to connect to a PIX 515 with radius authentication from windows active directory. Is the password encrypted when the user types in the VPN client and get sent to the PIX? Is the vpn tunnel already formed before transferri...

I am trying to protect IIS web server from attack with RADIUS on a PIX and when I try to use aaa authenticate HTTPS xxx.xxx.xxx.xxx outside 0.0.0.0 0.0.0.0 I get a warning on the client browser about the certificate on the PIX. I do not have a certi...

Does anyone know if you can authenticate (XAuth) a VPN client terminating on a PIX FW to a local AAA database?I heard that it would be available in PIX v6.3.3 but haven't heard of anyone using it.It would be nice to authenticate individual users (for...

I would like to know if it is possible to apply dynamic access-list per user using the RADIUS protocol. To be more specific, I am trying to setup a Router as a "Proxy" telnet. A user will access the router by telnet and from there will initiate a tel...

Hi All:I want to implement 802.1X, But i want to authetication user name bind user macFor example Alex had one computer mac is 00-00-00-00-00-00 he can authetication with his mac promptly , In someday , Alex carry another laptop , mac is 11-11-11-11-...