Network Access Control

Just would like to ask your assistance and more ideas about the above subject. When TACACS+ is used for device management ( example; in a router ), when a user is defined in the ACS that he should not be able to use reload/copy commands inside the ro...

We have a VPN 3000 concentrator where users connect from the internet and extranet too.We want to restrict some users to certain IP sources, this is in radius attribute 66 Tunnel-Client-Endpoint.Is this restriction possible with CS ACS 3.1? Could fin...

I use cisco secure ACSv3.0 to authenticate dial in users. Some users authenticate via an account in cisco secureand some users via Novell NDS which is cofigured as an external database in cisco secure.From time to time we are having problems with nds...

Is there away to allow users to be able to change/manage their own account passwords? Currently, our wireless users do not have the ability to change their own passwords.Thx.

I am facing a problem for my dialin clients. We are providing them dialin facility to our office network to access internet through our office lease line, so in this regards we installed Microsoft ISA Proxy Server and given them permissions to access...

Can PIX redirect VPN user authentication to a windows 2000 server? In other words, the VPN username and password is stored at windows 2000 server. When PIX receive a Mobile VPN connection, it will forward VPN user and password to windows 2000 server ...

I am getting the following error in the cslog error file which is located in \CiscoSecure v3.0\cslogs\logs directory. Can someone please tell me the fix for it.

I have a small user base and would like to authenticate users locally on the PIX when they open an inbound IPSec VPN connection with the Unity VPN Client v3.x. I can do this on an IOS router, but I can't seem to figure out how on the PIX v6.2(2). C...

I am facing a problem for my dialin clients. We are providing them dialin facility to our office network to access internet through our office lease line, so in this regards we installed Microsoft ISA Proxy Server and given them permissions to access...

Can anyone tell me what the report "Logged in users" actually means?

I have configured a 350 wireless card and 2-350 AP's for LEAP authentication with ACS 3.1 and all works fine authenticating to both AP's. I want to test the ability to deny access to one of the AP's using NAR's. I have added the NAR to the group I am...

We are using ACS 3.0 and vasco tokens, the are both configured on the same server. Authentication is now done by the token server and is working fine, but when we are troubleshooting the routers it's not usefull of having the tokenserver.So what we w...

I have successfully configured VPN access on our 2621 router, however once connected I can only talk to the LAN and not the internet - any ideas? Also is it possible to connected with the cisco VPN client, and authenticate against the LANs NT DOMAIN...