jrabinow Tue, 03/23/2010 - 05:37
User Badges:
  • Cisco Employee,

I am not sure which release and which specific functionality you are refering to


If this is ACS 5.1 and the Accsess Settings functionality that allows to define which IPs are or are not allowed access to the administrative interface then this can be reset using the following command from the ACS CLI:


acs-config


access-setting accept-all


should then see:

access setting allows all IP addresses to connect

Jatin Katyal Tue, 03/23/2010 - 06:48
User Badges:
  • Cisco Employee,

Access policy can't be modified from CLI. This could be computer specific issue. Have you tried accessing ACS GUI page from different machines?


If its machine specific issue then you may check few things


If we are using Proxy server then make sure that the proxy server's ip address is allowed, check the proxy server settings from:


Pull up a web browser > Tools > Internet Option > Connections > LAN Settings


Make sure that we have JAVA installed, and also go to Control Pannel > choose JAVA> Network Settings > And make sure its using browser settings.


Also, if its working from other machines, I would suggest you to use the HTTP port allocation feature to configure the range of TCP ports
that ACS uses for administrative HTTP sessions.



HTTP Port Allocation for Administrative Sessions:


http://www.cisco.com/en/US/docs/net_mgmt/cisco_secure_access_control_server_for_windows/4.1/user/Overvw.html#wp821288


Regrads,

JK


Plz rate helpful posts-

martimanya Tue, 03/23/2010 - 07:00
User Badges:

i can't access to ACS because i checked the "Allow only listed IP addresses to connect" option in "Access Policy Setup". And now i can't login via HTTP.

thnks

Actions

This Discussion