Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

CiscoSecure ACS 3.2 experiencing DoS due to failed PEAP login attempts

I am currently experiencing an "unintentional" denial of service attack causing my ACS server to stop working due to high processing because of a lot of PEAP login attempts from PC Clients with corrupted certificates or any other problems.

The question... is there any way to adjust the maximum number of login attempts from a wireless client in the ACS in order to lockout that account?

Would this be a problem to be fixed in the Access Point?

Regards

2 REPLIES
Silver

Re: CiscoSecure ACS 3.2 experiencing DoS due to failed PEAP logi

Where are the users defined?

If there are in the ACS internal DB you could set their failed attempts expiry (in user setup)

..but this may not prevent your DoS episodes.

New Member

Re: CiscoSecure ACS 3.2 experiencing DoS due to failed PEAP logi

The ACS is communicating with a Windows Active Directory Server... is there any way to lock out problematic clients that cause this DoS episodes by defining a certain number of failed attempts?

Regards,

137
Views
0
Helpful
2
Replies