We required to setup several IOS wireless points with MAC-address authentication using the cisco acs. I have it working but the problem is that even rouge devices try connecting and this causes loads of failed attempts in the failed report, there are about 8 attempts per second so imagine my database size. The question is??? Can I configure the ACS not to log failed attempts on the ACS?
On the AAA server yo can go into the System configuration, CSV Failed Attempts File Configuration, and in the log file management section choose a small file size and in the Directory section check the "manage directory button". This will automagically eliminate any disk concerns.
Tough one... if you switch off or limit the failed attempts you wont see genunine failures.
An alternative is to use our CSVSYNC tool to regularly download the logs to another PC (doesnt have to be a server). Once there our AAA-REPORTS! application can pre-filter the junk out of the failed (and other) logs as it imports. At the same time directory management on the ACS can be set to purge logs a short time after they've been downloaded.
You're then left with just the real failed attempts in our SQL DB backed report generator - from where you can either run canned reports or use our visual query builder to sort/filter/group/total/export the data.
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...