Network Access Control

Hi,I have installed a ACS 2.6 server which has joined domain. Local accounts are created in ACS and their password is using domain password. Beside switches, I have also defined LMS as one of the device on ACS, authenticating via TACACS+.I would like...

Anyone have an ini file which adds the packeteer attributes to an acs 3.2 server. I'm having problems with the "=" in the VSA. I'll keep trying but if someone has already done this please send it over.Does Cisco have a site that might already have de...

Our VPN 3030 Concentrator is sitting in the DMZ zone of our firewall. The ACS is sitting behind the firewall inside our LAN. Our mobile users are authenticated through the ACS server when they wants to establish a VPN connection to our network. Curre...

I need to have several sets of NAS devices configured as both TACACS and Radius clients in ACS.How can I get this done?

Out of nowhere, my VPN 3000 has started deleting connections for a couple of accounts as soon as they authenticate. I type in the user name and password; it authenticates, negotiates security policies, and then says "Not Connected". I turned on full ...

Dear support,My PIX asks AAA for HTTP traffic. The timeout are set up as 1hour for absolute and 20 minutes for inactivity.Everything was working correctly in PIX 6.2(2).I've upgraded the pix to 6.3(3). Now, an authentication request is asking at each...

I have on the main site Cisco Secure running and in the remote sites i'm configuring AAA. However i'm not interested on authenticate users to work with the router. What i Need is to authenticate the users to restrict or permit Internet Acceess. How c...

Is there a way to allow a particular user to login to a network by means of a predefined path? For example: User A is logging in via a WLAN and has a security profile A. Let's say that user A has very strong security needs. User B wants to use ISDN o...

Is there a configuration to have a backup authentication for the enable mode for the PIX 501. I currently have a 501 configured to authenticate to a AAA server, but want to have a backup like a local authentication, in case the connection is lost, an...

Hi,I've a problem using WIN as External DB for auth.I've setup an Appliance, with a Remote Agent which is a member server of the domain (still NT).Then I've configured the steps to delegate the auth to the External DB but every time I tried to test w...

how can I user win2k's user in acs 3.0x? when I use acs 3.01 for win2k to do 802.1x+ port authentication,I just can use acs's user,but not win2k's user,I have maped the win2k group to acs's group,but the failed attampls log tell me:"auth type not sup...

I'm using a Nomadix Hotspot Gateway and ACS 3.2 as AAA and Radius Server, using CSDB for user accounts to provide wireless access in a hotel.My users will use prepaid cards for use once only, or maximum time access 1 hour. I've configured users group...

Is PIX OS capable of accounting all commands entered (similar to Cat IOS accounting)? I want to be able to log commands...I don't neccesarily need to log traffic through the PIX.

Has anybody implemented the following solution?- PIX 6.2 or 6.3- CS ACS 3.x- VPN Clients 3.x or 4.xVPN clients are authenticated using radius when establishing the VPN session to the PIX. I want a predefined ACL to be dynamically assigned to the PIX ...

We have a switched network with a whole bunch of Cat-2980G switches and a couple of 6506's core ones with the MSFC's. We need to increase the inactivity time for the arp cache on the MSFC's from the existing 4 hours to probably 16 hours. Can someone ...