About radek.salapa

radek.salapa · 02-15-2024

Hi, is there a way to change ASA NAS-IP address (RADIUS attribute 4) when ASA talks to ISE (in general to any RADIUS server). I know there is a way for routers or switches. I need this functionality on ASA as my ASA (actually few of them) are nated (...

radek.salapa · 11-24-2025

I think reauthentication for MAB is very useful in few scenarios. Let assume we have printers allowed via MAB and we assigned to them dACL. With reauthentication set for 16 hours, when we change ACL on ISE then we have 100% guarantee new ACL will be...

radek.salapa · 02-17-2024

@MHM Cisco World wrote: ciscoasa(config)# aaa-server mygroup (inside) host 192.168.10.10 thekey timeout 20 this Interface IP is use for both source and NAS-IP as I know. Yes, that is correct. Additionally you will need a route through "inside" int...

radek.salapa · 02-16-2024

Hi Greg, I believe ISE guys are more experienced with messing up with NAS-IP as potentially they are using this attribute in Rules. @Greg Gibbs wrote: This is more of a question about the ASA then it is about ISE, so it's probably a question better ...

radek.salapa · 02-15-2024

Hi MHM, In general that is correct what you are saying and I thought about that but I'm not able to change SRC IP address of RADIUS packet. It needs to be exactly as is and I'm not allowed to change it (routing, NAT, VPN, and so on....). I'm looking ...

Member Since	‎10-16-2017 01:42 AM
Date Last Visited	‎10-31-2025 04:28 AM
Posts	5
Total Helpful Votes Received	1

User Statistics

User Activity

Changing ASA NAS-IP-Address

Re: RADIUS Reauthentication - Considerations and Best Practices

Re: Changing ASA NAS-IP-Address

Re: Changing ASA NAS-IP-Address

Re: Changing ASA NAS-IP-Address