Network Access Control

I am on PIX version 6.3I have created a aaa-server tag and now I need to make change to the key. How can I make a change of the key or remove it in order to recreate it?no aaa-server tag protocol radiusnor no aaa-server tag (inside) host xxx.xxx.xxx....

Hello, I configure a VPN Client to establish a VPN with a PIX506. I configure the he VPN Client authentication for through TACACS+ and I define a local IP address pool in the pix to assign dynamically to the VPN user. All this run ok. Now I need ...

Hello,Is there any way to get the cisco router to use MSCHAPv2 for telnet/enable authentication?What I have set up now:aaa new-modelaaa authentication login telnet group radius enableenable secret xxxxxxxxxxenable password testradius-server host XXXX...

My client-pc is connected to a C2950 switch that is configured for 802.1X port authentication. The C2950 switch forwards the pc authetication request to a Cisco ACS Radius server version 3.2.Which RADIUS attributes need to be set on ACS Radius server...

Anybody know where can I find description and format of the following ACS VoIP Acounting Fields:Date Time Calling-Station-Id Called-Station-Id Acct-Session-Time Voice Quality Call Leg Setup Time Acct-Delay-Time Gateway Identifier Co...

Have an interesting problem and was wondering if anyone else has seen the same behavior and knows of a solution...Environment:Cisco VPN 3015Cisco ACS 3.1/Win2KRSA ACE/5.1 AdvancedSecurID TokensHave set the VPN Concentrator to use TACACS+ for all admi...

Hi, I'm using ip auth-proxy feature. And it has a inactivity timeout value that you can confgure on router globally. But I want to set this value on radius per user. I tried to set idle-timeout radius attribute but it didn't affect or override the gl...

802.1x VLAN Assignment Using a RADIUS Server. In supervisor engine software releases prior to software release 7.2(2), once the 802.1x host is authenticated, it joins an NVRAM-configured VLAN. With software release 7.2(2) and later releases, after au...

HiI am trying to get CiscoSecure Authentication Agent working: Does anyone know whether it can work in my configuration.ACS 3.2 using RadiusThe NAS is a 2611 router (home gateway) running IOS 12.2The main reason for CAA is to get ACS's Password Agein...

hi all,I've read that ACS 3.2 doesn't support the upn format of a user (user@domain), it only support qualified format (domain\user).win 98, xp... are ok with domain\user but win 2000send user@domain.how authent win 2000 clients in several different ...

Problem:Want to let customer authenticate at PIX outside interface and then open up SQL port 1433 to run enterprise managerPort 1433 not accessable by anyone else unless authenticatedI'm looking for the type of functionallity that the lock and key ac...

When I try to install a certificate that I generated using Cisco ACS signing request (CSR) I am getting an error mesage."Can not find certificate with specified common name in the ACS Storage" Am I missing a step I verified the name and the path of ...

Hi, I am having a problem with this command.When I make a debug in the cisco as5200, this line gets me an idea:directed-request server xx.xx.xx.xx is not in listBut I have configure the 2 radius servers,Does anybody experiment the same problemThanks ...

Hi, I'm running two Radius clients (a C3005 and a web-server, i.e. an IETF client) and I want to restrict access of users/groups to them. The problem I have is that when I'm using 'Ip based AR', no matter what I enter (permitted/denied, All Clients o...

Any idea when a version of ACS that works with W2K SP4 will be coming out?