About kwillacey

kwillacey · 11-09-2009

Hello All,I have an ACS with AAA clients (routers) added as TACACS+ (Cisco IOS). And as such I am able to log on to the devices with my username and password which is stored locally on the ACS. However anyone from any group can log in. How can I rest...

kwillacey · 11-05-2009

Hello All,There are two ACS servers one sits on the inside of an ASA 5510 at the head office and the other sits on the inside of an ASA 5510 at the hot site. Those ASA 5510s were put in to replace two PIX 515Es and the claim is that since the ASAs we...

kwillacey · 09-21-2009

I have a site to site that was previously up and working but it is not now. An ASA is on the side I control and a PIX is on the other end. The weird thing is isakmp seems to be up but not ipsec, as belowASA5510# sh crypto isakmp saIKE Peer: x.x.x.xTy...

kwillacey · 08-21-2009

Hello All,I don't know enough about metro to know if this can work or not so I am seeking some advice. Let's say I have two sites that are connected via metro. Site A has a 2811 with a connection to the metro switch/cloud with a /30 subnet (10.10.20....

kwillacey · 07-14-2009

I have a client that has an ASA that has routes to remote locations that point to another firewall on the LAN. So the clients default to the ASA and then the ASA should route traffic for the remote locations to the other firewall.This creates the hai...

kwillacey · 11-09-2009

ACS 3.2 does not have device groups so I cannot separate the devices.... thanks a lot I'm gonna have to think about it some more.

kwillacey · 11-09-2009

I am guessing if it is using TACACS then it is going to be a problem, am i right?

kwillacey · 11-09-2009

OK thanks that's what I was hoping. One more question, if I have remote access VPN on an ASA and authentication is provided via the ACS and I add the NAR as I described earlier would those users in the group still be able to authenticate?

kwillacey · 11-09-2009

What do the stars mean, is it a wild card?If I select deny access and all AAA clients and apply it to a group. Does that mean that they will not have access to the AAA client? ie they will not be able to authenticate and log on to a router.

kwillacey · 11-09-2009

Thanks a lot, it looks like it's gonna be difficult.

Member Since	‎09-19-2006 12:41 PM
Date Last Visited	‎07-13-2021 08:30 AM
Posts	194
Total Helpful Votes Received	57

User Statistics

User Activity

AAA Authentication ACS and Router

ACS 3.2(2) Build 5 replication issue

Weird L2L Problem

Additional connection to metro switch

Portmap translation failed

Re: Denying AAA Clients to a specific user group in ACS v4.1

Re: Denying AAA Clients to a specific user group in ACS v4.1

Re: Denying AAA Clients to a specific user group in ACS v4.1

Re: Denying AAA Clients to a specific user group in ACS v4.1

Re: AAA Authentication ACS and Router