Network Access Control

Hi ThereWe have Cisco Secure Acs v 4.2 and we are running it in parallel with Active Directory to Authenticate users to access Juniper/Cisco devices. For all users except "root and admin"Since "admin" user is only defined on Juniper devices and ACS s...

I have tried to profile cisco ATA 188 adapter, based on cdp attribute; Platform: Cisco ATA 188and assigned to a create a same identity group. I am not able to see device profiled according to identity group assigned. Instead of it its always assigned...

I am trying to use autocommand in an ACS 5.5 shell profile. Works fine on IOS routers fails to run on Nexus. Any thoughts?

I have just been patching out ACS 1121 on Ver 5.3 in preparation for upgrading to 5.5 however having successfully patched the secondary server I tried to promote this to the Primary and this seemed to fail with no error message.A reboot of the Second...

HelloWe have an ACS 5.4 w/ 20,000 async authorization errors: 22056 Subject not found in the applicable identity store. The associated IP address is a Cisco Async router. We added no exec to stop authentication errors but continue to have authorizati...

I would like to receive a report daily on our TACACS activity on our network devices. I've looked thru the menus and searched some but have not found a clear way to generate such a report. any help is appreciated.

We have not updated to 1.2.1 yet and are running 1.2.0.899. the only changes made to the system was alarm settings, which was just adding emails to alarm notification in settings. Four hours after the alarm notif. change we started gettings alerts th...

Can anyone point me in the direction of documentation or sample configs for using AD accounts to authenticate connecting to SSID on WLC? I am trying to setup a new SSID on a 5508 WLC that only a specific AD group can connect to. I gather that I will ...

Hi, is there any possibility to match on a custom EKU with ACS 5.5?I have to create a solution to limit access to a specific WLAN SSID. Only certificates containing a specific, self-created EKU should have access to this SSID. Other certificates from...

As part of an ISE implementation, I want to test ISE failover for Admin, MnT, and PSN personas.  Does anyone have an ISE failover test plan or ISE failover test best practices documentation to share? Thanks much,David Daverso

After the user logs into the portal and register its device I can´t seem to find a way for an auth policy to capture the data and permit the device into the network. So the flow would be MAB->CWA->Permit access if users are in identity group name "X"...

hi ,i have  configured my ACS 4.2 to  assigne static ip addres to vpn users (172.17.17.100) ,the acs assigne the ip address but it  gives the users the default subnet mask (255.255.0.0) .i want to change the mask to be 255.255.255.0 .it's possible ? ...

Hi All, I want to implement network access control system in a fashion that when someone from outside access our network (Wired/Wireless) he should not have direct access to our system. There must be some authentication, authorization and accounting....