AAA/Identity/Nac :: ACS 5.2 - Unable To Delete Remote Log Target?
Oct 12, 2011
I have two ACS 5.2 running as primary and secondary instances respectively. When I try to delete a remote log target under System Administration > ... > Configuration > Log Configuration > Remote Log Targets I get the following error message...."The item you trying to delete is referenced by other items. You must remove all references to this item before it can be deleted".
I have searched the configuration within the web gui and was unable to find anything that reference the object that I'm trying to delete.
View 2 Replies
ADVERTISEMENT
Jun 20, 2012
I have and 880 W router. The LAN members can get out t o the internet. Now I want to configure NAT such that outside computers can access a couple of the machines using Remote Desktop (RDP). I am using Configuration Professional.
When I configure inside to outside, the remote computers can't connect to the target machines.When I configure outside to inside, the target machines acn't get to the internet.
When I try to use the advanced NAT definition wizard, I can't complete the task because the only inside pool (?) or LAN (?) is "designated" and not available to select. I can't free it up without deleting the one working NAT entry which is the one that enables all computers to reach the internet.
View 1 Replies
View Related
Feb 8, 2012
My company recently purchased a custom domain name through In Motion Hosting (inmotionhosting.com) which has worked great up until today. As of this morning we are not able to view our webpage online (ronnysinc.com) or any inmotionhosting pages including our email accounts. However, we can view any other website and computers outside of our network seem to be able to view those pages without any problem. [code] As you can see it works fine with any other website such as google. My initial thought was it was being blocked by our firewall but when I log into the router I do not see any firewall settings that would create this block. I also tried resetting the router and flushing the DNS with no success.
View 5 Replies
View Related
Aug 8, 2012
how I may be able to delete files beyond recovery from a remote computer.
View 7 Replies
View Related
Jun 28, 2011
I've inherited some ACS appliances from another part of my organization. I need to keep most of the settings but want to remove all the AAA clients; and preferably not one-by-one. I don't see a way in the documentation and web searches have proven fruitless.
View 1 Replies
View Related
Oct 23, 2011
We are evaluating Cisco ACS 5.2 and I can not delete a service policy that was created. The message we receive is " the item that you are trying to delete is being referenced by other items". I am new to ACS, but I did go through each tab in the manager multiple times.
View 5 Replies
View Related
Jun 25, 2012
on the acs 5.2 , how to delete specific log for user X, ?
View 3 Replies
View Related
Apr 10, 2013
I'm doing a basic setup of ACS 5.3. For now, I'm configuring backup to a local repository
!
repository Backup
url disk:/Backup
!
How can I automatically delete old files? I need to keep only the last seven files.
View 2 Replies
View Related
Feb 6, 2012
We have a pair of ACS 4.1 servers (Windows Server 2003 R2). Let's call them ACS1 and ACS2. We don't want either one of them to proxy to any AAA server, including each other. We're using mostly TACACS authentication.
While troubleshooting a general problem, I'm guessing that one of us did this on ACS1:
pressed the Network Configuration button,saw the Proxy Distribution Tableclicked (Default)moved ACS1 from the AAA Servers column to the Forward To column.
So, essentially, we're telling ACS1 to proxy all requests to itself, which doesn't seem to make sense. I don't know for sure whether it should work when configured to "self proxy," but in that state, it does not authenticate anyone and gives merely "Internal error" as the reason.
If I change the configuration so that "ACS2" appears in the Forward To column, and I move "ACS1" back to AAA Servers and restart, ACS1 starts responding correctly to TACACS requests. Of course, ACS1 is just proxying all requests to ACS2, so having two servers isn't doing much good.
I cannot simply remove ACS1 from the Forward To column and leave it empty. The interface complains that it can't forward to zero servers. Of course, on ACS2, there are no servers in the Forward To column, since we never touched the Proxy Distribution Table there.
Is there any way to return the Proxy Distribution Table to its default setup, that is, no servers appear in the "Forward To" column?
We're planning to upgrade to version 4.2 very soon, so this question is mostly academic, unless the same problem exists in 4.2.
For full disclosure, I should mention that the problem we were troubleshooting was loss of connectivity to our Windows Domain Controllers from our ACS servers. We had missed adding some exceptions in our firewalls to allow for four new DCs. As far as we can tell from testing, connectivity to the DCs is now fine. The firewall rules group ACS1 and ACS2 together, so connectivity should be the same, and ACS2 authenticates users correctly.
View 2 Replies
View Related
Oct 5, 2011
How to delete the accounting/authorization Reports or logs ?
View 2 Replies
View Related
May 13, 2012
i have configured a cisco router with the following configuration to practice obtaining certificates from a microsoft 2008 server configured as a stand alone CA.this part works okay but what i am trying to do next is giving me a headachei am trying to delete the identity certificate but am having no luck whatsoever
interface FastEthernet0/0ip address 192.168.2.1 255.255.255.0ip nat outsideno shut
interface FastEthernet0/1ip address 192.168.1.1 255.255.255.0ip nat insideno shut
access-list 101 permit ip 192.168.1.0 0.0.0.255 192.168.5.0 0.0.0.255
access-list 102 deny ip 192.168.1.0 0.0.0.255 192.168.5.0 0.0.0.255access-list 102 permit ip 192.168.1.0 0.0.0.255 any
[code].....
i entered the following commands on the router to delete the certificatebut as you can see its telling me the certificate dosn't exist(this method of deleting the cert has come from Richard Deals complete cisco vpn configuration guide) 3Purley(config)#crypto ca certificate chain PurleyPurley(config-cert-chain)#no certificate 61E0446A000000000002% Certificate not found.ps the router is a 3640 running c3640-jk9o3s-mz.124-7.bin
View 1 Replies
View Related
Mar 6, 2013
I have a EA4500 that I get error 2315 when I try to Delete,change name,or icon. I did a 30/30/30 and everything worked great,24 hours later I was back to error 2315. I tried re-flashing the firmware, but that didn't work. I get the same problems when I try using the Smart Wifi app. There are also times when I can not access the router using Smart Wifi unless I reboot the router when I get home.
View 9 Replies
View Related
Nov 23, 2012
On 1811W Router i have OSPF running and i do not need this static route.ip route 192.168.20.0 255.255.255.0 192.168.20.3,when i try to delete i get error ,1811w#,config t,Enter configuration commands, one per line. End with CNTL/Z.,1811w(config)#no ip route 192.168.20.0 255.255.255.0 192.168.20.3,%No matching route to delete,1811w(config)#.
View 7 Replies
View Related
Nov 3, 2011
Why can't I connect to the website for Target Stores? Each time I try to connect to Target Store website the small box fills up at the bottom of the screen, then the hour glass appears and Windows Internet Explorer says "program not responding". No other websites give me this problem, only Target
View 1 Replies
View Related
Nov 23, 2011
I was attempting to troubleshoot a logon problem with some machines, when it was finally revealed that there was a managed switch between the host and the target preventing this.
How would I detect this in the future? (A tracert showed nothing between host and target.) Would Wireshark show me this info, with reduced TTLs?
getting a picture of all devices between a host and a target?
View 10 Replies
View Related
Oct 27, 2012
i have two servers that is Primary domain Controller and File Server. When i remove the client computer from the domain and try to rejoin the domain again it refuses, when i ping it replies. i can not assess files in the file server It prompt"Logon Failure: the target account name is incorrect" Suprisingly When i logon in other clients its OK. but some clients give ths said error though the communication with the server is fine
View 1 Replies
View Related
Sep 9, 2012
I am using an ASA 5520 running 8.2(4). My objective is to get a VPN client to access more than one network on the inside of the network, i.e., I need to VPN in with an IPSec client and be able to establish tcp connections to servers at 192.168.210.x and 10.21.9.x and 10.21.3.x, I believe I am close to having this resolved, but seem to have a routing issue.
View 5 Replies
View Related
Jul 8, 2012
I would like to limit the bandwidth available to a different target machine. I have been trying to do this on a Cisco 3750, but first I came across this message:
% QoS: policy-map with police action at parent level not supported ...
Then this:
% QoS: policy-map child ... ClassMap BackLimit only support MATCH-INPUT INTERFACE
Is there any documentation, I searched the forum but all I see are complex solutions, I just wanted to limit the bandwidth for a machine that is in a different site. I wanted to apply the policy on an interface SVI.
View 7 Replies
View Related
Oct 16, 2012
Today when we run one applcation to access a target server with IP address 10.2.2.13, the application cannot run through and appearing error message related networking.The target server has two network ports whereby another one with IP 10.2.2.14 is running OK with the same application. All these two connections are connected to the same Cisco switch 3750, after the switch then go to Cisco ASA firewall which has no access control rule for this 10.2.2.13 and its subnet, and then the firewall connect directly to the application server.We can ping, remote desktop access and telent port for the application to the target server by using 10.2.2.13.We swapped the cable connection of the ports from one another and try the application again, the IP with 10.2.2.13 is still fail and IP with 10.2.2.14 is OK.We then change the IP from 10.2.2.13 to 10.2.2.12 or 10.2.2.155, all are OK. We changed back to 10.2.2.13, it is failed again.The switch is in running real time production and so we cannot power cycle or reload the switch.
View 9 Replies
View Related
Jun 17, 2011
We have a Cisco 5510 with 2 IPSec Connection Profiles each using a different IAS for authentication.If we add another VPN profile we need another IAS.With Cisco ACS can it be configured for different VPN profiles from the same ASA 5510?
View 4 Replies
View Related
Mar 18, 2013
We have ACS 4.2.0.124 runnning with remote agent installed on win 2003/32 bit ent server. Now we are facing issue like logs (daily backup) from ACS to the Remote Agent is not happening properly. We usually get logs around 1 MB everyday in remote agent but sometimes we are getting 1 KB continuosly untill the services to be restarted in ACS manually.
View 9 Replies
View Related
Sep 17, 2012
I'm configuring a console server for configuring remote devices. This is working well except for the fact that if a target device is in ROMMON mode, the console server refuses to displays the target device console. It does open the connection but the ROMMON prompt is not shown on the console server . This is essential for this device as we will need to use it to reset passwords remotely and thus need to be able to access ROMMON mode from the console server.
Parts used are a 2951 router and a HWIC-8A serial card. Posted my config below:
[code]
Current configuration : 4389 bytes
!
[Code].....
View 1 Replies
View Related
Nov 2, 2011
I would like to know why i can't configure to 100 full duplex one port from target follow: WS-X6724-SFP
View 2 Replies
View Related
Feb 11, 2012
ACS 5.2 , and I can't find document about how to configure remote access vpn authentication in ACS 5.2.
View 6 Replies
View Related
May 26, 2013
Would like to check up either Microsoft SQL Express 2012 is able work with ACS 5.3 remote database?
View 5 Replies
View Related
Mar 19, 2012
I have configured the appliance everything is working fine.We have a remote syslog server and I have configured the remote syslog server details in the "Remote Log Targets" and and Logging Categories.But I cannot see any logs on my syslog server
View 4 Replies
View Related
Mar 20, 2012
Presently we are upgrading the existing domain controller to Windows Server 2008, R2 Standard Edition.
I'm bit confound with the information available for the upgrade scenarios. Listed out the present working versions.
Cisco ACS SE - Release 4.1(1) Build 23 Patch 5
Cisco ACS Remote Agent version 4.2(0.124)
As the new operating system is going to work on 64 Bits, I think the existing ACE SE and remote agent may/should be upgraded.
Based on my existing versions, provide the possible upgrade scenarios available for me.After upgrading SE and Remote Agent should be working for 64 bit OS.
View 6 Replies
View Related
May 7, 2012
I have been doing a bit of reading on the ACS 4.2 remote agent compatibility with Windows 2008 R2, and it seems like the only way out is to upgrade the ACS to 5.2. We have Cisco ACS 4.2 SE and if I install the Remote agent on a Windows 2003 member server instead of the 2008 R2 DC.
View 3 Replies
View Related
Jul 17, 2012
We having difficulties with installing remote agent on windows 2008 R2 64-bit server and got the attached error.
Our ACS is 4.2.0.124 and remote agents we tried are :Remote-Agent-ACSse-win-v4.2.1.15-K9.zip and Acs-4.2.1.15.9-RA.zip.
[code]...
View 3 Replies
View Related
Jun 7, 2011
The problem is that i had configured the ACS appliance with a remote agent to Integrate with Microsoft active directory and I installed that agent on one of our domain controls and it is working fine.
When I installed another agent on anther domain control and add it to the ACS server it appear that the remote authentication service is working on it but when try to make the new agent the primary and the old one the secondary from External database configuration all the domain users authenticated but only to one group which configured in Unknown User Policy.It appeared like it can't read any more groups from active directory.
View 2 Replies
View Related
Jul 17, 2011
it's possible to install ACS Remote Agent 4.2.1 on VMWare server. Is it supported by Cisco?Do you have any experience with running the remote agent on VMWare servers?
View 2 Replies
View Related
Jan 2, 2013
I have a Cisco ASA 5510. I have configured Cisco Anyconnect to authenticate via Windows IAS. We had an outage of that server recently and I tried to remote in via anyconnect and could not. Once the IAS server came up I could get back into the network.
Is there a command that I'm missing that will let me use Anyconnect to connect into the network even if my AAA server is down?
View 2 Replies
View Related
Mar 26, 2012
I am configuring new ACS 1121 appliance with version 5.3 and wanted to know how to configure Remote Database settings in ACS5.3 Is that necessary to configure that option ?
Also one more thing I can see that ACS 5.3 generates lots of logs is there any solution to reduce such logs. It seems many unuseful logs which are system related are getting logged into device which might no be good for memory requirements of device.
View 6 Replies
View Related
