Cisco AAA/Identity/Nac :: 4.8.2 / Adding NAC Server To Manager?
Jul 6, 2011
I have a pair of managers in HA mode and a pair of servers in HA mode. The solution is working in OOB Virtual Gateway. When i add the server in the manager, which IP address must i use, the service IP address or the physical Ip address.I'm running 4.8.2
View 2 Replies
ADVERTISEMENT
Jan 22, 2012
it was possible to install RSA Authentication Manager server into the ACS 5.3 Virtual Machine ?
View 0 Replies
View Related
Feb 11, 2011
I have install the administration toolpack on Windows 7 and enabled remote connections on my server 2008 box, When i try and connect with my Windows 7 server manager it does not work.I see stuff on google about enabling a trustedhost with winrm but can't find a way to do this.
View 18 Replies
View Related
Apr 18, 2010
We got recently a Cisco Secure ACS 1120 and i upgraded the Appliance to 5.1 from 5.0 with all your support
Now I need to integrate Cisco ACS 5.1 with RSA Authentication Manager 6.1 . I Successfully Downloaded config file from RSA ACE Server and exported into ACS 1120.
I also Added ACS as a NetOS Agent in the RSA Server , during the process i found few warnings . The ACE Server is not able to Resolve the IP Address to NAme ( DOes it Necessary ?? ).
I havent created any secret Key file for communication between ACS and RSA and encryption i used is DES.
Now when I log into ACS and search for Devices in the Identity Store Sequences i am not able to Look for RSA Token Sever .
View 10 Replies
View Related
Apr 28, 2013
I have a cisco NAC Manager v4.6.1 when i restart it, the boot freeze at this msg <ext3 fs mounted filesystem with ordered data mode> and it take a very long time.
The server is pingable but no GUI access during the msg.
View 1 Replies
View Related
Jul 30, 2012
I setup one network where LMS is in subnet 192.168.5.0/24 and CUCM is in subnet 192.168.1.0/24. both are reachabe to each other and both are also in different EVN/VRF. when i try to discover the CUCM from LMS 4.1. It discover only routers and switches. I am unable to find any CUCM 8.6 server, i did the snmp read community setting in call manager under serviceability.
In addition, IP phones are appeared as END host not as IP Phones. (find attached image)
View 6 Replies
View Related
Mar 25, 2012
Using EMM as a nice friendly interface for their terminal server (ie router with NM-16A and octal cables)?when I ask the framework to run the following command it gets stuck will a blinking cursor and clear screen
<IOSExecCommand>"connect 10.1.1.1 2000"</IOSExecCommand>
however removing the port number allows it to connect fine.
<IOSExecCommand>"connect 10.1.1.1"</IOSExecCommand>
same symptom if iI were to replace connect with telnet
<IOSExecCommand>"telnet 10.1.1.1 2000"</IOSExecCommand>
even setting up an iphost does the same ie:
ip host R1 2000 10.1.1.1
<IOSExecCommand>"connect R1"</IOSExecCommand>
All of these commands work fine from the # prompt
View 3 Replies
View Related
Jun 11, 2011
I try to configure in both Clean Access Manager and Switch 3560E-24Ps on SNMP Version 2 protocol but I can't make it working together (For CAM and Switch 3560G-48Ps I can do that). [code]
View 3 Replies
View Related
Apr 10, 2013
I'm using ACS 4.2 and was just wondering if it's possible to add user accounts to it by using snmpset? If so, any documentation on what needs to be done? I have the SNMP running on it and get information from the ACS using snmpget.
View 2 Replies
View Related
Jan 28, 2013
Does ACS v4.2 support the addition of the Nexus switches? We have a few new Nexus devices that have been added to ACS, but cannot be accessed successfully. A msg re: role based authentication is received. Do I have to do something special in ACS to support this?
Nexus 5596 v5.1(3)N2(1)
View 4 Replies
View Related
Mar 16, 2011
I have a Cisco ACS 5.2 and have set it up as a RADIUS server. I was wondering if there is a way to add and update users automatically? We have a large number of users > 1000 that need to be added into the system and I don't want to do this manually. These users also update their passwords on a regular basis so I would need a script that would update the users automatically without any user intervention.
View 4 Replies
View Related
Aug 9, 2011
I am trying add custom attributes for Juniper Netscreen TACACS+ authentication to a v5.2 ACS. The advice is to add it to the group as follows:
ervice = netscreen {
vsys = root
privilege = read-write
} I know how to add this to a version v4.x ACS
However, I do not know how to apply this to the custom attribiutes to a v5.x ACS?do I add the vsys and privilege attribute seperately or together? What should be the attribute name? netscreen? Should it be mandatory?
View 4 Replies
View Related
Nov 26, 2012
I just had comcast business class installed. They installed a SMC d3g router. It does not support nat loopback. I had a server installed and could not browse to it inside the lan because of this issue. I was instructed that I needed to set the the servers IP to the external address and open the ports to that. That worked, and I added an internal address 10.1.10.x so that I could see it inside the firewall. The issue that I am having is that since I did this, the server can not be seen by the macs and the mac shares don;t show up for them.
View 4 Replies
View Related
May 12, 2012
Customer is running LMS 2.6.Scheduled backup was running perfect. But it is no more happening.When we checked we found that the "License Manager/ Deamon Manager is down" message pop ups.
We reset the casuser password, and then restarted the services. It becomes ok.But only the immediate backup is successful. Scheduled task fails for all those devices."License Manager/ Deamon Manager is down" happens quite often.
View 1 Replies
View Related
Aug 21, 2012
so i want to move my dns and dhcp to a server (sbs2011). i am currently using a netgear 3700. i am a little confused on how to set this up. i know to turn off dhcp on the router. will the server give out a dns address? do i even need to router, or could i just use a switch?
View 1 Replies
View Related
May 2, 2012
I work in a small group with a network server so we can share files and documents from computer to computer. I am trying to access this server on a new computer and am not having any luck finding instructions on how to do so. I don't need to sign in to the network (to gain access to internet browser, etc), I need to be able to add this computer to our server so I can view these folders & files on this new computer.
View 2 Replies
View Related
Apr 14, 2011
At my office we have a dell server running windows small business server 2003, there are around 15 computers on our network running mostly windows 7 (a few with XP). I am wondering how difficult it is to add a computer to the network so it can log into our domain and all that.I just had to reformat one of the computers and would normally wait for our network guy to do it remotely but If i could do it myself it would save time (and money). I am already an administrator and basically i just need to make it so the log in prompt when windows starts has our office network listed as the domain instead of jus the local log in. It is a dell running windows 7 64 bit.
View 5 Replies
View Related
Mar 21, 2011
we Bough new mcs server in order to install ACS 4.1,now acs is running on normal PC and its fully configured , so now i want to back up the acs database and the configuration file in order to install it in the new server so how to do that
View 4 Replies
View Related
May 9, 2011
I need to patch our ACS server to 4.2.0.124.17 from 4.2.0.124.6. My question is, do I need to apply the same patch to our remote agents? Cisco's documentation only states that both the ACS and the Remote Agents need to be 4.2.0.
View 1 Replies
View Related
May 23, 2013
I am wanting to generate a signing request for an ACS 5.3 box to send to a Microsoft CA. Is there anyone out there using a MS CA for eap-tls?
View 1 Replies
View Related
Dec 7, 2009
I'wont to upgade my ACS server 5.0.0.21 to 5.1 . I wont to use Active Directory . it's seem that in my curent version AD is not supported !
View 12 Replies
View Related
Apr 21, 2013
I am looking for any PDF, recomendation, link for best approach for secondary ACS as resiliency.
View 4 Replies
View Related
Mar 2, 2011
We have enabled EAP-TLS authentication for our wireless LAN end user in our network setup , And we have defined certificate on our old acs server 3.3 from a third party CA . I want to use the same certifcate which is being used in 3.3 ,how i can copy that certficate from 3.3 and get it installed on new acs 4.2 .
View 7 Replies
View Related
May 13, 2012
Question on this, is 5.2 backwards compatible with 4.2 appliance? If not, what is needed to bring the 4.2 appliance up to 5.2 and will the VMWare version work for the second system with the appliance as primary? Years ago I had 2 of them and replication worked flawlessly, but we had to take the one unit offline for another project and have never replaced it.
View 3 Replies
View Related
Jun 3, 2011
configure AAA (Radius server, access list) There are two devices An access point and cisco 881w. It is necessary to set up authentication through a radius server. You can configure detailed how to do this?
View 3 Replies
View Related
Nov 30, 2011
I'm having problems settting up a Guest NAC server to authenticate administrative users against a ACS 5.x server. In the ACS RADIUS Authentication log, I can see the user authentication is successful.In the AAA Diagnostics log, I can see the following warning:An Access-Request MUST contain either a NAS-IP-Address or a NAS-Identifier or both; Continue processing.
View 2 Replies
View Related
Feb 7, 2011
How to convert a 3140 CAM to a CAS ? if so what software / licensing would be required and is there a documented process
View 1 Replies
View Related
Feb 28, 2013
We are using ACS 5.3 with two servers in a distributed solution.All logs are collected on primary server so when this server fails all logs are lost.How can I enable log on secondary server also?
View 2 Replies
View Related
Nov 8, 2011
I have a cisco ACS 4.0 build 27 on windows 2003 server . My site was working fine when i was having a AD on 2003 server . Recently i have migrated my AD servers is 2008 .
After the migration the ACS is not authenticating the users . Now i have made a server with 2003 and made the site working . I need a solution to make it work using 2008 server is there any compatiblity issue between ACS 4.0 and 2008 server .
View 1 Replies
View Related
Dec 4, 2011
I setup one acs v5.3 in one server in NYC and another acs v5.3 in SJC.I want to make the acs.nyc as primary and acs.sjc as the secondary, how do i setup it up?
View 1 Replies
View Related
Mar 8, 2011
I'm currently working on ACS 5.1 to use it as AAA server for Netscout NGenius.I followed a guide for ACS 4.2 and tried to replicate the configuration settings in ACS 5.1.
- created a host profile on network devices and AAA clients having the same shared key with NGenius
- added three (3) NGenius required attributes in system administration > configuration > identity > internal users
- added attribute values to Internal User database
- created an access policy:
* identity pointing to Internal Users
- edit serverprivate.properties in NGenius server to match the requirements
I would like to have NGenius authenticate via ACS 5.1, but as of the moment there is an error message that I receive:
Unicentified error, Code=16510, Details: AV pairs do not match NGenius format ::<insert tacacs username here>, Severity 1, Code: 16510.
View 2 Replies
View Related
Jan 10, 2012
When I tried to import the file, there are two lines there, One is Certificate file, the other is for "Private Key File".
My question for you is, is this the private key of CA? My understanding has always been that the private key stays in CA only, not going to any other devices.
View 2 Replies
View Related
May 30, 2011
I have deployed 7 appliances 5.2.0.26.4 CSACS-1121-K9 whose 6 are performing AAA authentications while the last one is is the primary and is the master for configuration and log collector.
Since this morning, I cannot access anymore the view where I can see all Radius authentication for today. I obtain the following message:The server workspace storage for on demand transient reports is full, please try again later or contact administrator to increase on demand transient report storage capacity?
Moreover, if I generate other report, I have the message:18002: iPortal generate report failed.I could find some information which makes references to a Cisco bug CSCtb98071, as below:
Launching a shared report in the ACS 5.1 Monitoring and Report Viewer displays an iportal error for a particular scenario.
#Symptom: You will see the following iportal error message when you launch a shared report:
#iPortal generate report failed.
#
#Conditions: This error occurs when you add a report to a group in the interactive viewer and save it as a shared report.
#Workaround: Avoid using the option Add Group from the interactive viewer for hyperlinked column entries when you save the report as shared
However, I am not adding any report to any group, so I don't understand why this error appears and how to solve it.
View 8 Replies
View Related