Network Access Control

HiI am trying to get CiscoSecure Authentication Agent working: Does anyone know whether it can work in my configuration.ACS 3.2 using RadiusThe NAS is a 2611 router (home gateway) running IOS 12.2The main reason for CAA is to get ACS's Password Agein...

hi all,I've read that ACS 3.2 doesn't support the upn format of a user (user@domain), it only support qualified format (domain\user).win 98, xp... are ok with domain\user but win 2000send user@domain.how authent win 2000 clients in several different ...

Problem:Want to let customer authenticate at PIX outside interface and then open up SQL port 1433 to run enterprise managerPort 1433 not accessable by anyone else unless authenticatedI'm looking for the type of functionallity that the lock and key ac...

When I try to install a certificate that I generated using Cisco ACS signing request (CSR) I am getting an error mesage."Can not find certificate with specified common name in the ACS Storage" Am I missing a step I verified the name and the path of ...

Hi, I am having a problem with this command.When I make a debug in the cisco as5200, this line gets me an idea:directed-request server xx.xx.xx.xx is not in listBut I have configure the 2 radius servers,Does anybody experiment the same problemThanks ...

Hi, I'm running two Radius clients (a C3005 and a web-server, i.e. an IETF client) and I want to restrict access of users/groups to them. The problem I have is that when I'm using 'Ip based AR', no matter what I enter (permitted/denied, All Clients o...

Any idea when a version of ACS that works with W2K SP4 will be coming out?

I have a 6509 authenticating with a Tacacs+ server, but i want that the Switch authenticates with a local username and password in the case that the Switch cannot reach the Tacacs+ Server.Can this CatOs support this feature??

Hi,I am trying to set up some routers & switches so that users authenticate with the radius server.However I am not able to input the radius-server command to specify the host and port etc.I have entered the following:aaa new-modelaaa authentication ...

Some one modified his workstation' MAC and rebooted his machine.Then he again modified his machine's MAC to original one after he intruded into my computer. My IDS recorded his ip and MAC. How to find which house the hacker's computer was? After the ...

I'm migrating users from a legacy firewall to a new security infrastructure using PIX 515E's.We provide Internet access to the public from certain locations and this is currently controlled using a proprietary "authentication client", a piece of soft...

Hello.The problem is that under Interface Configuration RADIUS (IETF) AV pairs Primary-DNS-Server (135), and Secondary-DNS-Server (136) didn't displayed. How to make it visible ?F.e. for TACACS+ I can add new service, but I don't see any way to do th...

I have pix 501 and configured for easy vpn, it is working fine. Now, I like to add some type of authenticate into my PIX. I preferred Windows NT AD authenticate. How do I configure Win NT AD authenticate if it is possible.

Hello, got some qns here after reading the ccnp switching guide... a command like this : switch(config-if)# dot1x port-control {force-authorized | force-unauthorized | auto} force-authorized : The port is forced to always authorize any connected clie...

Hello,at the ACS server in the user setup there is a fieldClient IP Address Assignment.There I can select a static ip addresss for a client.When I do so, does the ACS only check, if the client uses this IP address, and if not, the access is denied, a...