Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
The 4.2.0.124.6 is supposed to now support a Windows 2008 DC. I am able to install the remote agent software and the service starts up, etc. I can add the remote agent in ACS and it says that it is "available" etc. However, when I change the exter...
I want to log all commands entered on a switch, however I can't seem to find a command to do that. Is this possible? Or am I stuck with the generic "configured from console by USERID" messages as the most detail I can get?
I have a setup where my VPN users hit the ACS server for user authentication - off of AD. What I am not sure of, is how to limit which users have VPN access. All of the users would still need to authenticate for wireless (EAP) but be limited to eit...
I am trying to figure out a way to authenticate my remote access VPN users on a Cisco ACS server... the catch is that the VPN endpoint is a Netscreen firewall / VPN device. I have done this in the past with Cisco's ASA VPN users, but not with Netscr...
Is there any way to see the machine name of a connected SSL VPN client (SVC)? I see that I can do a sho vpn-sessiondb svc to see the users logged in, but I would like to see the machine name of the client. Does anybody know if that is possible?
If you have IP addresses on your VLANs - then the switch (router at this point) will route the directly connected subnets. However, you need to make sure you have the "ip routing" command entered.But, you MUST have IP addresses assigned to the VLAN ...
Apparently, I needed a patch (applACS-4.1.1.23.5.zip) for my ACS server for this to work. Once I applied that, the TACACS+ Administration report populated.
By does not seem to work - yes, I go into the ACS under Reports - in TACACS+ Administration, there is nothing. In TACACS+ Accounting, there is info, but nothing relating to commands issued. I have verified that the there is a check in the system co...
I am using ACS, however I am not sure how I would set that up to log commands. I have tried to add this:aaa accounting commands 15 default start-stop group tacacs+but that does not seem to work. Any thoughts?
I have tried that and it does not seem to make a difference. If I add the AAA group (the firewall in this case) and add * for the CLI, DNIS, etc. it will still let me log into the VPN client as a user in that group. Am I supposed to be putting some...
