Cisco AAA/Identity/Nac :: ACS 5.2 Network Devices Export?
May 10, 2011
I am trying to export our network devices from ACS and I can't find out where it is exporting it. Under ACS 5.2 "Network ResourcesNetwork Devices and AAA Clients" you get the list of your network devices and at the bottom of the page there is an export button. When you click it you are given an option to password protect it which I didn't check the box and I pressed Start Export. The window flickers like it processed the request, but nothing happens. There isn't any pop-up to download the CSV. I have also tried setting up a software repo thinking it might just send it to that, but it didn't work either.
View 2 Replies
ADVERTISEMENT
Nov 29, 2011
I want to export the ACS local user's records.Then import to other ACS5.3 server.But the export file not the user's password record.I cannot import it well....
View 1 Replies
View Related
Jul 22, 2012
I have an ACS applicance that had a version 5.1 and i did an upgrade to 5.3 with latest patch.For some reason, the runtime process got stuck in (reinitializing and restarting) state.i did the recommended action to perform ACS stop and ACS start and even hard reset of the appliance, but it did not cut itThis process turned out to be a bug and it should have been fixed in version 5.3, but it has not i guess
i know that acs reset-config will solve the issue, but i have a problem here , the license file will be deleted as well with the config and i cannot find a way to export the license and then import it into the reseted config ACS hardware. Unfortunately, the license file is not saved anywhere in the company and i cannot affort to lose it.how to export the license from the applicance (CSACS-1120)?
View 3 Replies
View Related
Nov 10, 2011
I am not sure what I am trying to do is possible, so I thought I would pose the question on here. In ACS 5.3, I would like to use an RSA server and AD to authenticate my network devices. So when I log into a router or switch I would enter my AD username, be prompted for my RSA token, then when I enable be prompted for my AD password, or visa versa. how to write an access policy to achive this?
View 2 Replies
View Related
Sep 13, 2012
How many newtork devices can Cisco Secure ACSv4.1 support is there any limit on the same? How to get the Specs of Cisco Secure ACSv4.1 on the above grounds...
View 2 Replies
View Related
May 28, 2012
i have acs 5.2 i need to create a network admin policy to our nx-os devices such as nexus switches, how this will be done on acs 5.2?
View 0 Replies
View Related
Sep 25, 2012
we have Cisco 6509 as a access switch in our network. Each user has an IP phone and a computer. we are going to implement 802.1X for end users by next month. I need to check all the users activity in the network like if someone plug an access point to the network or a router.I just checked Cisco NAC and how to detect those activities on the network.
I need to get more details on Cisco NAC or other products for that purpose. also what is the difference between Cisco NAC and application like Microsoft TMG?
is it agent less or I have to install something on computers? is it working as a default router for users computers?
View 1 Replies
View Related
Sep 20, 2011
there seems to be a problem when I try to import a .csv file to ACS 5.1. After following the procedures for file exports and clicking finish I am left with the screenshot of the ImportAction window attached. According to documentation this window should allow you to monitor the progress of the bulk operation,but there is none of it.
View 3 Replies
View Related
Dec 15, 2011
I have an ASA 5510 on the outside with a Remote Access VPN. The user will need to get from the 5510, then go through an ASA 5540, then out to the subnet where they will be doing their work. I have a Cisco ACS version 5.2 that sits on a separte VLAN off of the 5540. I can authenticate users with Radius on the 5510 VPN and use DACLs from the ACS with no problems. However, the DACL only gets downloaded to the 5510 (as expected) and I need it to also download to the 5540. Is there a way to do this? I understand this could mean multiple authentications needed somehow. Right now when I authenticate, the DACL shows up fine in the 5510, but I get blocked from the devices I need to get to because it of course is not getting added to the 5540 as well.
Here's the basic topology I have:
remote client
|
|
(outside--internet--VPN)
5510
(vlan X)
[code]....
View 5 Replies
View Related
Sep 27, 2011
We are deploying devices with IOS XR and wondered if deploying them with TACACS authenticating to the Cisco ACS 5.x platform.
View 1 Replies
View Related
Jan 23, 2012
I´m currently looking for a document that specify how many MAC addresses can be stored and authenticated via an ACS (1120)? I prefer to use the internal identity store over AD or LDAP for MAB authentication for 802.1X project. I would like to know what is the impact on the ACS? CPU/MEM? What is the impact on the user authentication? delay, timeout, etc.
View 7 Replies
View Related
Jun 11, 2012
We are using acs version 4.2.0 build 124 on windows server 2003. Our domain controller has been upgraded from 2003 to windows 2008 R2.Now we are facing following error in ACS authentication for accessing our devices.Error: AUTH 06/09/2012 11:55:40 E 1810 3316 0x8f21 External DB [NTAuthenDLL.dll]: Windows authentication FAILED (error 1326L)if we restarted services of ACS server then users get authentiated fine.
View 1 Replies
View Related
Sep 1, 2011
I have a ACS 4.2 under windows, I setuped it to authenticate routers by RADIUS and TACACS+ protocols. now I have some devices whitch know only LDAP protocol. How can setup ACS as a ldap server to authenticate those devices?>
View 1 Replies
View Related
Aug 25, 2012
We have integrated WLC 5508 to cisco ise 3315 with ios 1.1.1 and using Guest Sponsor portal for wireless guest users.Where we have created open ssid in wlc and redirect web login portal in wlc for guest users. We have enable all respective node in policy service for profiling and also configure snmp in wlc as well as in ise.
When guest user is connected to open ssid its get redirected to web login page of ise portal and when it gets login we are only able to see the username which guest user login but not the end device in monitoring log.
Wireless End devices are not able to get profiled can any one tell me what configuration I need to do on ise or wlc side to profiled end guest wireless device like android,iphone and laptops
View 7 Replies
View Related
Aug 7, 2011
We have Cisco ACS 4.2 in our network and the accounting is done for 750-1000 devices and only for level priv-15.If i want to enable accounting for all levels from priv-1 to 15. All commands executed in devices are sent to ACS. Does the ACS can that much sessions from those many devices?Am also planning to configure acs remote agent to store all the accounting history.
View 1 Replies
View Related
Apr 18, 2013
I'm trying to migrate old data from WCS 7.0 to Prime 1.2 ... I have already created the zip file from WCS and imported it into the defaultRepo on Prime. I see it in the directory when I do a show repository defaultRepo so I have confirmed that it is there. My issue is that it appears Prime 1.2.1.012 won't accept the cli command of ncs migrate.
how I can proceed with the migration? I haven't been able to find any similar command in the Prime CLI so at this point I'm lost as to where I should go from here. I really don't want to have to tell the customer they have to downgrade to Prime 1.1 in order for them to perserve their maps especially since the Deployment Guide for Prime Infrastructure states that it is possible to migrate date from WCS 7.0 to Prime 1.2 as shown below ...
Data Migration
#
Data can be migrated from WCS 7.0, NCS 1.1, or LMS 4.x. More details on migrating data from each of these applications are spelled out in the following sections.
[Code].....
View 10 Replies
View Related
Apr 1, 2013
I installed a chained SSL cert on our anchor/guest 4402 a few years ago.We now have a need to replace the 4402 w/ a 5508, and I got everything configured, ready to go, except that darn cert.I can no longer locate the private key that was used to sign the original CSR.Is there any way to export the current cert from the 4402, so that I can import to the 5508? Or am I SOL?
View 3 Replies
View Related
Apr 14, 2013
I have done a WCS 7.0.220.0 to NCS migration prior to moving to Prime 1.2. I followed the instructions to export the WCS database via the export.bat all command and exported the database. However, when I import this zip fileto NCS there do not seem to be any of the original WCS templates. All the maps and AP details have migrated but no templates.
I have tried the export again and ploughed through the resultant zip file looking for anything that looks like template files but there is nothing immediately apparent that looks like templates.
View 6 Replies
View Related
Oct 2, 2011
Got an problem with LMS 3.2/Solaris.
See no devices both in DCR and RME, besides, in RME device counters (Normal/Pending/etc) are equal to current device count, but then you try to select them for any operation, you unsucceed - 0 device selected, no list of devices, unable to export, no ability to do anything.
Upgraded to 3.2 SP1, no change. Spend a lot of time digging through logs at /usr/adm/CSCOpx/logs, find no problems at all. Seems, that some database parts were corrupted.
I decided to reinstall LMS from the scratch, but to do so I need to export the DCR device data and credentials.
Database is alive (dbaccess.pl install going smoothly, then connection with user lmsdatafeed works and allows to connect and select data from any SQL tool), but this view is not enough for getting from the DCR both device data and credentials.
I have the DB password I set up during installation.
Is there any way to get data I need connecting to LMS database directly with some kind of sysdba SQL database user?
View 3 Replies
View Related
Mar 14, 2011
I'm moving from a 5505 to a 5520 and moving to a different location. I have a certificate on the 5505 that I want to export to the 5520.Can I export that key/certificate and import to the new ASA? Is there a problem since its a different location with a different IP ? (Domain name is the same, I moved the name on the DNS also)Do a have to re-do the signing process with the CA ?
View 3 Replies
View Related
May 14, 2013
This feature is not working on our LMS installation. I have tried different browsers but is always giving the same error. It seems to be Java related.
View 0 Replies
View Related
Jul 25, 2012
How to export Air Quality reports from a 5508? I'm pretty sure I have read that we can not look back in time at the Air Quality report from the WLC, but can from NCS. If NCS was in the picture, can the Air Qaulity Report somehow be exported?
View 3 Replies
View Related
Oct 12, 2012
cisco 2651XM router with WIC1 adsl card and NM-16ESW switch
IOS: c2600-ipbasek9-mz.124-23.bin
I use the following config to export traffic from the adsl card to a fasterthernet port so I can look at the adsl traffic in wireshark on a pc:router(config)#ip traffic-export profile my_rite router(conf-rite)#int FastEthernet 0/0 router(conf-rite)#bidirectional router(conf-rite)#mac-address abcd.efgh.ijkl (mac address of PC) router(conf-rite)#exit router(config)#int dialer0 router(config-if)#ip traffic-export apply my_rite this config works and I can see stuff going on in wireshark but it's only one way. This config only shows traffic going out from my adsl card, but no incoming. There is defintely traffic going both ways because everything about my adsl connection is working perfectly. I've tried using a different fastethernet port, even tried exporting to a different pc but all I see is outgoing ie: source is my public ip address but never as destination . I have bidirectional in the config but it still only shows outgoing. I even tried a different IOS (c2600-adventerprisek9-mz.124-15.T8.bin) but still it doesn't show incoming traffic. Could it be my ISP in some way hiding incoming traffic from view?
View 3 Replies
View Related
Mar 1, 2012
Creating several Inventory-Report Templates via Report Designer I was asking myself how to export/import these templates for use on other systems, performing backup.
View 1 Replies
View Related
Mar 7, 2012
I am using a Thrid party NetFlow tool, Enabled NetFlow on the Cisco 6500 as per recommendations and getting only half amout of traffic passing thorugh the interfaces. I have verified with 3 different NetFlow based tools, everything showing the same value. Is there any bug in my Cisco 6500.
View 2 Replies
View Related
Sep 19, 2012
I´m wondering if it`s possible to export the defualt web auth portal(web login page) via tftp to a computer from the Cisco WLC 5508 and then modify it and then import that customized portal to the WLC 5508?
View 6 Replies
View Related
Oct 14, 2012
I have new ASA 5520 units currently we are using ASA 5510... I have to migrate all the configuration to the new ASA 5520 units....I am wondering is there a possible way to export and import certificates from ASA 5510 to 5520....
how to export or copy all the configurations, plug-ins, certificates from 5510 to 5520.Existing configuration snapshot...CA certificates from third party installed for authentication and identity certificate from Verisign
WebVPN
Anyconnect
Plug-ins
IPSEC tunnels
NAT
View 1 Replies
View Related
Apr 25, 2011
We are trying to sniff traffic in one of our routers 2811 IOS 12.4(3f) capturing data into the flash memory and tftp later to one of our servers. We had followed the command procedure as it is indicate in Router IP Traffic Export Packet Capture Enhancements doc but it seems that the mode capture option is not alllowed in my router. My question is Why? I had read the doc and the hardware and software should support this feature.
ROM: System Bootstrap, Version 12.4(1r) [hqluong 1r], RELEASE SOFTWARE (fc1)
yourname uptime is 2 weeks, 4 days, 22 hours, 14 minutesSystem returned to ROM by power-onSystem image file is "flash:c2800nm-ipbase-mz.124-3f.bin"
Cisco 2811 (revision 53.51) with 251904K/10240K bytes of memory.Processor board ID FCZ104174196 FastEthernet interfacesDRAM configuration is 64 bits wide with parity enabled.239K bytes of non-volatile configuration memory.62720K bytes of ATA CompactFlash (Read/Write)
View 4 Replies
View Related
Mar 21, 2013
I have three ASA5505, two firewalls connected to central VPN hub. the central inside network is 192.168.0.0/24,Network A is 192.168.1.0/24,Network B is 192.168.2.0/24,In one of this site (central), I have server with NetFlow collector.,I will collect the traffic information from all ASA at the my one serverCan I configure source IP address (or source interface - inside) for NetFlow packet, originate from ASA? (for example from site A)If it is not possible I think, I can rewrite my access lists and permit udp traffic from outside interface to server IP like this:access-list VPNACL permit udp host <Outside IP site A> host <Inside IP the Server> eq 9996,But I do not understand, what port I must be use in access list on Central site ASA. ,access-list VPNACL_A permit udp host <Inside IP the Server> host <Outside IP site A> eq 9996 ? or, in this place, must be source port in the udp netflow packet?
View 2 Replies
View Related
Nov 3, 2011
To enable netflow export on ASR1001, do i need the firewall feaure license or not ?Docs are not really clear, NBAR requires FW license, but i am unsure about Netflow?
View 1 Replies
View Related
Apr 15, 2010
I try to export a Detailed Device Report to a CSV. It failes:
<HTML><META HTTP-EQUIV="content-type" CONTENT="text/html;charset=utf-8">
<H1>HTTP Status 500 - </H1><HR SIZE=1 noShade>
<P><B>type</B> Exception report</P><P><B>message</B> <U></U></P><P><B>description</B> <U>The server encountered an internal error () that prevented it from fulfilling this request.</U></P><P><B>exception</B>
[code].....
Exporting to PDF works OK.CW is running on Windows server. RME is 4.3.1
View 11 Replies
View Related
Jan 26, 2012
When I attempt to export the certificate for the quickvpn client via the router web interface, it looks as if the export works, and it asks me to save the zip file. However, upon opening the zip file I receive the error: The compressed folder is invalid or corrupted.
This happens in multiple browsers, from multiple machines.
View 1 Replies
View Related
Jan 3, 2012
trying to export WCS data in order to migrate to the NCS but getting bellow error messages while following the Exporting WCS data doc:
D:Program FilesWCS7.0.172.0�in>export D:wcs.zip
Error occurred during initialization of VM
Could not reserve enough space for object heap
Could not create the Java virtual machine.
The procedure i am tring to follow:
To export WCS data, follow these steps:
#Step 1 Stop the WCS server.
#Step 2 Run the export command through the script file and provide the path and export file name when prompted.
#Step 3 For Linux, run export.sh all /data/wcs.zip. For Windows, run export.bat all datawcs.zip.
I do have enough available space, the WCS runs as VM
View 7 Replies
View Related
