Network Access Control

I have successfully configured a VPN 3005 using the internal database to authenticate remote users. My end-user population is growing so I want to be able to authenticate remote users against our NT domain. I have tried unsuccessfully to configure ...

Dear Tech,We are having Cisco Secure 2.6 and it is using Windows NT Database, We have Pix firewall 5.1, Cisco Secure is configured for single session in group settings that are mapped to Windows NT Groups, initially it worked fine and denying multi s...

Greetings,Issue: Users accessing http authenticating via ACS-NT 2.4 off of a PIX 520.At times, all users are not presented with a challenge to authenticate until we reboot the PIX. ACS is functioning fine at these times. At other times, the user i...

Can a Pix talk directly to Windows NT Domain or Active Directory for user authentication purposes? In other words can it do it *without* connecting via a RADIUS or TACACS program placed in between (such as Cisco Secure ACS)?

I'm using VPN 3030 Concentrator and Cisco ACS 2.6 NT as radius server.I found that the CiscoSecure cannot authenticate Win98/ME VPN clients if the WindowsNT domain name is entered on the clients PC. The following error message was appeared on the cl...

I'm using VPN 3030 Concentrator and Cisco ACS 2.6 NT as radius server.I found that the CiscoSecure cannot authenticate Win98/ME VPN clients if the WindowsNT domain name is entered on the clients PC. The following error message was appeared on the cl...

Has anyone done this before? I am trying to set up a VPN for off-site cable/dsl users so that they can gain access to our on-site resources. I haven't been able to come across anything regarding user authentication and NIS+, so I am unsure if the C...

We are testing with ACS 2.6 server for LEAP authentication for AP340 series Access points and WLAN clients and configured to authenticate against NT user database (using external database). As recommended for dynamic WEP Keys we have set the Option 2...

This is the scenario: 2 networks, one whith servers plus firewall, other with users and firewall to access to servers. We pretend something like give a card or key to the user to access to remote servers and when is gone (out), key or card return to ...

i am doing a site-to-site vpn experiment with two router.one is 3660(Ra).another is provided by other(Rb).if Ra initiates the negotiation, a new isakmp sa can be got but authentication fails.otherwise Rb is the initiator, the isakmp sa negotiation ca...

I'm trying to implement a vpn rollout (vpn software client to pix) and want to have the users authenticating against the windows 2000 active directory. Does anyone know how I would go about doing this? Any configuration examples would be greatly appr...

On our routers we can perform user command accounting. For example, we can get a log of the commands users enter in the routers from our ACS box.I haven't been successful in doing the same on the PIX. Instead, I've gotten all IP and and layer-4 Por...

I have configured my NAS (Cisco Router 3660) for RAS users via Tacacs+ (Cisco Freeware). I wish to configure my NAS in a way that some of the RAS users do not use Tacacs+ Authentication, but can connect only via Local Authentication, with separate Di...

I´m looking for a way of authenticating remote VPN clients against Novell NDS. The built in method in NDS is to use LDAP, but I don´t think either the PIX nor the Concentrator handles LDAP ?So, that leaves RADIUS as an option, which requires adding t...

Hi All,My customer wants to implement a redundant ACS system for authentication,which uses a redundant RSA ACE server for strong authentication of remote ISDN and PSTN dial users. I do have a number of questions whit this senario.# I have been trying...