Network Access Control

I have users on an external network needing to connect servers on the inside.I would like all users to be authenticated thru AAA. All of there access to the internal servers will be through a Browser. I have configured proxy auth on a router once but...

Does anyone have a link to information on configuring the PIX to allow NT authentication from windows clients to Windows2000 AD? We are looking to create a secure connection to a business partner which wil also be installing a PIX. They are physicall...

Real quick ...Can anyone tell me the significance of an Acct-Flag entry "NAS Port re-used" might have in TACACS+ accounting?Thank you. Tom

Hello,We are using RADIUS accounting on a PIX501. It is working fine however, our RADIUS logfile is filling up with errors as below:Thu Apr 17 13:41:40 2003: ERR: Attribute number 105 (vendor 1147499380) is not defined in your dictionaryThu Apr 17 13...

Hello, I try to change authentication on my ACS 3.1 and W2k server from EAP-MD5 to EAP-TLS. I created certification authority. Then i created client certification and export the key file with password. When I write this values to ACS ( path to certif...

Hi,I've configured a C3005 with a group for authentication using a Radius server.On the group settings on the Identity tab, I have set the Type on Internal, on the IPSEC tab, I have selected Radius.When I want to test the Radius server, I enter a use...

We have added the Network Access Restriction to both the User and Group config pages. Then we select the NAR, add (say) a Deny for All NAS, port *, address *, Enter the selection and then Submit and Restart. Going back to the config screen the NAR se...

Does anyone have a way to track users of the CSS 11506 making changes such as taking servers in and out of service. We need a way to track this so we can give this out to the website support team. We can track this through syslog but wanted something...

Hello Guys,because we are going to install some Memory on our primary Tacas Server i wan to get more Information about the Redundancy issue. We are using ACS1 and ACS2(red) and both are configure on our PIX like this :aaa-server acs1 protocol tacacs+...

Hello, I recently received a beta of Cisco secure 3.2 however there are no release notes. I want to lay it over 3.1 which we currently use for authentication and security for wireless clients and AP's. Anyone know where I can find some info on Cisco ...

Hi!I`ve been trying to configure PEAP on a ACS 3.1. The reason for PEAP instead of LEAP is that one of our customers are running Netware as nos. I`ve had no problem with creating the "security" keys on the ACS - and no problem "stamping" the key at w...

I have a problem with the following setup.1 PIX 515 with a MS Cert Server on the inside.1 VPN client 3.5 connecting from the outside.Enrollment for the PIX and Client work fine. IKE negotiation using certificates work between the PIX and the Client.I...

Why would I use TACACS+ as aposed to RADIUS? What are the pros and cons of each?

I am trying to set up tacacs authentication for management on 1200 wap's running ver 12.02t1. When I enable tacacs and change the port to 49 I get through to the acs server, but don't authenticate. Acs error message states CS Password invalid. I'm us...

Hello,Is it possible to limit AAA Accounting to stop records only? I believe this is something you can do with IOS but I can't find a similar command for the PIX.