Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2314
Views
10
Helpful
21
Replies

login limit through Cisco ACS 5.0

Go to solution
Avijit Chowdhury
Level 1
Level 1

‎06-02-2013 12:08 AM - edited ‎03-10-2019 08:29 PM

Hi all ,

Few days ago in my wireless infrastrucer i deploy Cisco ACS 5.0 with Active directory integration. My wireless users are login through web authentication process. The authentication process is passed by AD & its working fine. But i want to do a work on my ACS 5.0 that a user cannot login simultaneously multiple device at a time.

Labels:
0 Helpful
2 Accepted Solutions

Accepted Solutions

Go to solution
Jatin Katyal
Cisco Employee
Cisco Employee

‎06-02-2013 12:48 AM

Hello Avijit,

"max sessions" featre was introduced acs 5.3.

Maximum User Sessions

For optimal performance, you can limit the number of concurrent users accessing the network resources. ACS 5.3 imposes limits on the number of concurrent service sessions per user.

The limits are set in several different ways. You can set the limits at user level or at group level. Depending upon the maximum user session configurations, the session count is applied on the user.

IMPORTANT: To make the maximum sessions work for the user access, the administrator should configure the RADIUS accounting.

You may go through the below listed link for more info:

http://www.cisco.com/en/US/docs/net_mgmt/cisco_secure_access_control_system/5.3/user/guide/access_policies.html#wp1176806

The code you're running at this moment ACS 5.0 is not recommended for a production environment. You need to upgrade ACS to avail the max session feature.

Jatin Katyal
- Do rate helpful posts -

~Jatin

View solution in original post

Go to solution
Jatin Katyal
Cisco Employee
Cisco Employee
In response to Avijit Chowdhury

‎06-02-2013 01:38 AM

Go with patch 8. I found it very stable on ACS 5.3 code.

Download the below listed patch from

http://software.cisco.com/download/release.html?mdfid=283883841&flowid=34705&softwareid=282766937&release=5.3.0.40&relind=AVAILABLE&rellifecycle=&reltype=latest

ACS 5.3.0.40.8 cumulative patch

5-3-0-40-8.tar.gpg

Jatin Katyal
- Do rate helpful posts -

~Jatin

View solution in original post

21 Replies 21

Go to solution
Jatin Katyal
Cisco Employee
Cisco Employee

‎06-02-2013 12:48 AM

Hello Avijit,

"max sessions" featre was introduced acs 5.3.

Maximum User Sessions

For optimal performance, you can limit the number of concurrent users accessing the network resources. ACS 5.3 imposes limits on the number of concurrent service sessions per user.

The limits are set in several different ways. You can set the limits at user level or at group level. Depending upon the maximum user session configurations, the session count is applied on the user.

IMPORTANT: To make the maximum sessions work for the user access, the administrator should configure the RADIUS accounting.

You may go through the below listed link for more info:

http://www.cisco.com/en/US/docs/net_mgmt/cisco_secure_access_control_system/5.3/user/guide/access_policies.html#wp1176806

The code you're running at this moment ACS 5.0 is not recommended for a production environment. You need to upgrade ACS to avail the max session feature.

Jatin Katyal
- Do rate helpful posts -

~Jatin

Go to solution
Avijit Chowdhury
Level 1
Level 1
In response to Jatin Katyal

‎06-02-2013 01:25 AM

Thanks Jatin ,

I know these feature are avilabe on ACS 5.3 ........... thats why i put this problem on these forum ... Do you have the upadate patch of ACS 5.3 ..  So if i summerise the whole discussion with out updatating the ACS i am not able to do my task.. right ..

Thanks

0 Helpful

Go to solution
Jatin Katyal
Cisco Employee
Cisco Employee
In response to Avijit Chowdhury

‎06-02-2013 01:38 AM

Go with patch 8. I found it very stable on ACS 5.3 code.

Download the below listed patch from

http://software.cisco.com/download/release.html?mdfid=283883841&flowid=34705&softwareid=282766937&release=5.3.0.40&relind=AVAILABLE&rellifecycle=&reltype=latest

ACS 5.3.0.40.8 cumulative patch

5-3-0-40-8.tar.gpg

Jatin Katyal
- Do rate helpful posts -

~Jatin

Go to solution
Avijit Chowdhury
Level 1
Level 1
In response to Jatin Katyal

‎06-02-2013 01:50 AM

Thanks Jatin ,

But my service contract with cisco was expier...........  . I have to renew it ... nothing can do at  this time ...

Thanks

0 Helpful

Go to solution
Jatin Katyal
Cisco Employee
Cisco Employee
In response to Avijit Chowdhury

‎06-02-2013 01:54 AM

That's a concern. Either renew the contract or Contact your accounts team to get this image and patch for this time.

Jatin Katyal
- Do rate helpful posts -

~Jatin
0 Helpful

Go to solution
Avijit Chowdhury
Level 1
Level 1
In response to Jatin Katyal

‎06-02-2013 02:02 AM

Thansks Jatin ,

For your positive reply if you dont mind can  you help me on this issue ... to getting this patch for this time..

Thanks

Avijit

0 Helpful

Go to solution
Jatin Katyal
Cisco Employee
Cisco Employee
In response to Avijit Chowdhury

‎06-02-2013 02:09 AM

Hi Avijit,

Unfortunately, I cannot get that patch for you. As it needs a valid contract with cisco. With every single publish for cisco softwares, there is a team who entitles the support for a customer. Even TAC might not be able to do that unless you are hitting some defect and its impacting or degrading the network. I can only suggest you to open a TAC case or contact your accounts team.

You may google it to see if someone has uploaded sometime in past.

Sorry, couldn't help you much on this matter.

Jatin Katyal
- Do rate helpful posts -

~Jatin
0 Helpful

Go to solution
Avijit Chowdhury
Level 1
Level 1
In response to Jatin Katyal

‎06-02-2013 02:12 AM

Thanks Jatin ,

Thanks a lot............. for your suggestion

Avijit

0 Helpful

Go to solution
Jatin Katyal
Cisco Employee
Cisco Employee
In response to Avijit Chowdhury

‎06-02-2013 02:18 AM

Your Welcome Avijit. Have a good one.

Jatin Katyal
- Do rate helpful posts -

~Jatin
0 Helpful

Go to solution
Avijit Chowdhury
Level 1
Level 1
In response to Jatin Katyal

‎06-02-2013 10:13 PM

hello jatin ,

I am facing another issue.. like after join my WLC with AAA ...my users are authenticate their account through AD ...... but suddenly i saw that. My Wireless controller root user name & password is not working.......  so i did not write anything .... Can u give me a suggestion how i would be able to access my root permission.........

Thanks

Avijit

0 Helpful

Go to solution
Jatin Katyal
Cisco Employee
Cisco Employee
In response to Avijit Chowdhury

‎06-03-2013 02:24 AM

When you say root user, do you mean tacacs account for accessing GUI (Web Access) of WLC? If yes what error are you getting on WLC?

Have you added an attribute role1=ALL on the ACS under the policy elements > custom attributes?

Jatin Katyal
- Do rate helpful posts -

~Jatin
0 Helpful

Go to solution
Avijit Chowdhury
Level 1
Level 1
In response to Jatin Katyal

‎06-03-2013 02:38 AM

WLC says you have no privilized to write.. any thing because WLC root users is not working. Using AD user name & password i can login WLC GUI Mode... but not write permission are avilable,,,,,,,,,,,

Thanks

Avijit

0 Helpful

Go to solution
Jatin Katyal
Cisco Employee
Cisco Employee
In response to Avijit Chowdhury

‎06-03-2013 02:54 AM

What protocol are you using for accessing WLC GUI (tacacs or radius)? As per the screen shots, it seems radius. Please confirm.

Where is the root user located? ACS or WLC?

Jatin Katyal
- Do rate helpful posts -

~Jatin
0 Helpful

Go to solution
Avijit Chowdhury
Level 1
Level 1
In response to Jatin Katyal

‎06-03-2013 03:00 AM

I am using Raduis ...  its located on WLC.. when i join this WLC on ACS wlc root users is not working..

Thanks

Avijit

0 Helpful
Customers Also Viewed These Support Documents