Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
Dual ACS solution (4.2) with one ACS doing the authenticating, the other acting as a standby. Recently when accessing nortel switches, they authenticate to both ACS, as some are going to ACS2 despite their primary RADIUS server being ACS1.The ACS sol...
Have had a ACS 4.2 solution installed across 2 servers (master/slave), everything working fine with devices using it for both RADIUS and TACACS+ authentication. This week however, I have had an issue with a network group that use RADIUS as switches (...
I have users that access the network via a VPN client to a PIX 515 which authenticates to the ACS (using the default group for unknown users) which uses an external Active Directory Database. The problem I have is that as the ACS authenticates these ...
Hi, can anyone confirm if the following can be done ;2 1760 routers, both have WIC-4SW modules.Both FE ports are connected to a device that has the same IP address for its two connected FE ports. The two routers are connected together by the WIC-4ESW...
I want to set up a demo using Call Manager and 2 7960 IP phones, plus a softphone application, does anyone have any examples of this or can advise, would the following setup suffice ?2 x 7960s, ------ switch (2950?)-------Call Manager PlatformOnce th...
A clear out has been done, with the network interface re-created, with everything working fine.Its one of those faults that has happened with no changes made to the ACS, nothing in the logs suggest there's a problem caused by a change. The DB replica...
Hi JGI've tried that but no luck, just to confirm that the users use the PIX as a VPN device to connect in, but I want to restrict them admin access to the PIX.
I have tried implementing NARs but it doesn't work, it doesn't seem to differentiate between VPN access and access to the PIX, it either permits or denies access. I have even tried denying access based on SSH (All Clients,22,*) and that doesn't work ...
Hi JG, I have tried IP based network restriction;Default Group settings - In Per Group Defined Network Access Restrictions SectionBox ticked for Define IP-Based RestrictionsTable Defines : Denied Calling/Point of Access LocationsAll AAA Clients * * e...
