My customer wants to implement a redundant ACS system for authentication,which uses a redundant RSA ACE server for strong authentication of remote ISDN and
PSTN dial users. I do have a number of questions whit this senario.
# I have been trying to emulate the remote access scenario using a Cisco 2600 router (12.0.10) with an ISDN Basic Rate Interface and the ACE 5 server.I
have attached a config and it seems to work for local access onto the Aux port or Dial in using the windows dial up client without a post dial terminal window (i.e. I enter the PIN and tokencode in the password box of the dial client. However, when I implement the post dial terminal window (so that I can use next token mode and new pin mode) the client connects to the router but I do not get any meaningful text in the post dial window (I would expect a username/ passcode prompt) I just get ascii garbage. Do you know if this works with next token code and new pin mode (ala post dial terminal window) terminating on an ISDN BRI interface and if so why is it not working? I have tried this on Win 2K and 95.
#How can I support redundant multilink ISDN in this senario? Do I need to implement Token chaching and if so is this supported in ACS 2.6 for windows?
#Can I support redundant ACE servers if I am integrating the authentication with Cisco Secure Access Control Server (i.e. The authentication goes
first to ACS which passes it on to ACE server) and how is this handled within ACS?
My router config is given below the IOS is 12.0.10 and the platform is a 2600.
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
aaa authentication login radius-login radius local
Since there has been no response to your post, it appears to be either too complex or too rare an issue for other forum members to assist you. If you don't get a suitable response to your post, you may wish to review our resources at the online Technical Assistance Center (http://www.cisco.com/tac) or speak with a TAC engineer. You can open a TAC case online at http://www.cisco.com/tac/caseopen
If anyone else in the forum has some advice, please reply to this thread.
We are pleased to announce availability of Beta software for 16.6.3.
16.6.3 will be the second rebuild on the 16.6 release train targeted
towards Catalyst 9500/9400/9300/3850/3650 switching platforms. We are
looking for early feedback from customers befor...
Introduction Featured Speakers Luis Espejel is the Telecommunications
Manager of IENova, an Oil & Gas company. Currently he works with Cisco
IOS® and Cisco IOS XE platforms, and NX to some extent. He has also
worked as a Senior Engineer with the Routing P...
In this session you can learn more about Layer 3 multicast and the best
practices to identify possible threats and take security measures. It
provides an overview of basic multicast, the best security practices for
use of this technology, and recommendati...