Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
We are using Cisco Secure ACS 3.3 for wireless authentication. I want to check the mac adres of users before authenticating them. I think using check-items option of RADIUS can be a solution.Are there anyone help me how can acccomplish that.Best Rega...
I want to authenticate my ipsec vpn client by using certificate. I am using asa5540 as ipsec vpn server. The first step I should do is create an trustpoint and authenticate it to ca. the trustpoint name is knasacawhen I execute the commandcrypto ca a...
I am using CS ACS NT 3.4 as radius server. I want to create time based user. It is possible at user level. Configuring the settings under "Account Disable" at user level. I have many users and I want to set it at group level instead of configuring ea...
Hello everyoneI am planning to take ccie security written at May.Because blueprint is changed from ver 1 to version 2, there are no docs and sample questions for version 2.Are there anybody who can help me about docs and sample questions.Thanks in ad...
I have an ciso 2800 as ezvpn server. I want to be notified when the ezvpn clients are connected and disconnected by using trap feature.I want to accoplish it by using trap or snmp query. Anyone can help me for ssample config.Thanks in advance.
Hello Aignacio,I have the same problem now. Did you find an solution. If yes could you please send me the prosedure for migrate from 3015 to asa in terms of ca configThanksDogan
Hi Kanishka Thanks for your reply.logging trap 7 sends all level 7 logs. Is there any way to send more specific data that represents ezvpn session.ordo you know that which mib I can use.Regards
You can use the group lock feature at Group PolicyFirst you should use different Group Policy for each of the Tunnel Group. And then edit Group Policy to support Group Lock.Group Lock is at IPSec parameters Tab of Group Policy And you should use grou...
If you need to deny access request coming some of your NAS, you can use NAR( Network Access Restrictions) at ACS. NAR alows you to define which user should connect to which NASIf you want to deny access request for some of the vpn group at ASA, you c...
