Cisco AAA/Identity/Nac :: ACS 5.2 Compound Condition Wildcard Support
Jan 26, 2011
is it possible to use wildcards in Compund Conditions in ACS 5.2? i've been suing the following to try and match a username that contains @*.*:
This would hopefully match a username like j.blogs@somewhere.com but doesn't work as expected - am i doing something wrong or are wildcards not supported in compund conditions?
View 2 Replies
ADVERTISEMENT
Apr 29, 2013
Getting ready to order a SSL Certificate for my newly installed ACS 5.4 and before I did that i want to verify if ACS 5.4 supports Wildcard SSL's.
View 5 Replies
View Related
Sep 1, 2011
Is it possible to use wildcard (*) or regexp in ACS 5.2? For example, I would like to create an End Station Filter that would match when the DNIS is *something
View 1 Replies
View Related
Jan 13, 2013
I am looking to implement VSS using our two 6500 series switches. The "Recovery Actions" when there is a Dual-Active situation says that the active chassis that detects a dual-active condition shuts down all of its non-VSL interfaces (except interfaces configured to be excluded from shutdown) to remove itself from the network, and waits in recovery mode until the VSL links have recovered. Does this mean that the Active chassis gets totally isolated thus triggering the modules on the Standby chassis to be active ?
View 1 Replies
View Related
Jul 13, 2011
EEHYP_CS_801#sh logging Syslog logging: enabled (0 messages dropped, 0 messages rate-limited, 0 flushes, 0 overruns, xml disabled, filtering disabled)
No Active Message Discriminator.
No Inactive Message Discriminator.
Console logging: disabled
Monitor logging: level debugging, 236 messages logged, xml disabled,
filtering disabled
[Code].....
View 5 Replies
View Related
Jun 27, 2011
What is the remedy/procedure to make a deformed CAT-5 cable into normal condition.
View 1 Replies
View Related
Jan 11, 2013
I am using a wrt54gl in 'Router' mode. It is behind a server that is configured as a server/router/firewall that is serving dhcp addresses for the network behind it. I have bypassed the dhcp server hardware by plugging the LAN out from my server/router/firewall into a switch port on the back of the wrt54gl. I have switched off the dhcp server in the wrt54gl during it's configuration.how can I login to the wrt54gl to review and make note of its current configuration ?
View 3 Replies
View Related
Nov 17, 2012
I have been looking at IP cams, like the Vivotek IP8332, or possibly the Axis m1113e
It could easily be -30F for several nights in any given winter. I am going to spend about $1,000 for two cams + cabling, etc. running into a PC to record video events.
EDIT: (The PC is not part of that $1,000). I know there are an abundance of outdoor enclosures with heat and fan, but I have never dealt with this stuff before. I also want to have night vision capability-- looking at seperate IR lamps. Meh.
View 6 Replies
View Related
Aug 20, 2012
As we know that WLC (i.e. 5508) does not support MAB (MAC Auth Bypass) and it supports CWA in 7.2.x. CWA is a result of successfull MAB. So how CWA work for wireless? So it means WLC support MAB?
View 5 Replies
View Related
Dec 5, 2011
how to install a wildcard certificate with only the .cer file. I've found quite a few things here in the forums, but everyone seems to also have a pkcs12 file, which I do not.
This is an ASA 5510 on ver 8.4.
View 6 Replies
View Related
Aug 27, 2011
I have ACS 1120 appilance does it support ACS version 5.2.0.x and corresponding patches.
View 2 Replies
View Related
Dec 18, 2011
I have Some Alcatel Switch and I want to use ACS 5.2's tacscs+ for Alcatel Switch admin authentication.the Failure Reason:13011 Invalid TACACS+ request packet - possibly mismatched Shared SecretsBut I was check the share secret is correct.Before I was tried associated ACS with vision 4.2 is work.
View 12 Replies
View Related
Dec 14, 2011
How Cisco Identity Service Engine (ISE) can work with WLAN controller 5508 to do the Local Web Authentication, on behalf tje guest profile is create using Cisco ISE guest management?
As i check Cisco ISE caveat wireless only support on LWA, and LWA not supported on Authorization's VLAN assignment.
what i need to concern abou the ISE authentication and authorization policy on behalf on Wireless LWA with use of ISE guest management case?
View 1 Replies
View Related
Mar 11, 2012
I am using ACS 5.3.I need to make macauthentication on Enterasys switch with Cisco ACS 5.3.I get the following error;
Parsing error or event type unknown:xxxxxxxxxxxxx ERROR RADIUS : RADIUS packet contains invalid attribute(s) ;Failed-Attepmt:Radius request dropped
How can I integrate Custom Attribute Enterasys A2 Switch with Cisco ACS 5.3 ?
View 3 Replies
View Related
Apr 15, 2013
I am basically looking to install the wildcard on the outside interface for my ASA
View 1 Replies
View Related
Jan 28, 2013
I'm attempting to install a GoDaddy wildcard ssl certificate onto a WLC 2504 running version 7.4.100.0.
I am getting the error "#SSHPM-3-KEYED_PEM_DECODE_FAILED: sshpmcert.c:4055 Cannot PEM decode private key" when downloading the .pem file to the controller.
What I have attempted to do was to export the certificate from a Windows 2008 R2 server into a .pfx file. The file contained the private key and all possible root certficates (in this case a root and a intermediate cert). Now I took this .pfx file and attempted to create a .pem file with openssl using the following command: openssl pkcs12 -in myssl.pfx -out mynewssl.pem -passin pass:mypassword -passout pass:mypassword
Now I have opened the .pem file and verified it does contain the private key and the three certificates (wildcard, intermediate and root).
View 4 Replies
View Related
Jan 21, 2013
I've seen a bunch of discussions on the untrusted server cert error with self signed certs. But I have a valid wildcard that I use on my ASA. How do I make that work with out the untrusted server cert error?
View 5 Replies
View Related
Dec 5, 2011
Is the ISE going to support the 2500 series Wireless LAN Controller WLC? If yes in what release and appriximately when is that due to be released?
View 1 Replies
View Related
Apr 23, 2013
I'd like to configure ASDM access to ASA-SM using RSA SecurID authentication.I've followed instructions in this documen [URL]When I test access from CLI everything looks fine:
asa-vss/admin/act# test aaa-server authentication RSA
Server IP Address or name: xx.xx.xx.xx
Username: testuser
Password: **********
INFO: Attempting Authentication test to IP address <xx.xx.xx.xx> (timeout: 12 seconds)
INFO: Authentication Successful
[code]....
When I try to use ASDM, I'm unable to login and I can see lot of authentication error (Token reuse) messages on RSA server monitor window.It looks like ASDM 6.5(1) for ASA-SM doesn't support RSA/SDI authentication.
View 9 Replies
View Related
May 17, 2012
we have installed nac for our customer and it works fine ,but the customer want the change the version of kaspersky antivirus from 6 to 8 end point security ,when we have try this the nac agent does not find the antivrus on the the workstation . i want to know if this version of kasoersky (end point security ) is supported by nac ,if no is ther a solution to make it works with the NAC .
View 3 Replies
View Related
Feb 13, 2011
I have 3 WLC 5508 and a NAC guest server. We want to download a wildcard certificate after a few seconds at the download of this certificate I got the failure message download failed.
Accept the WLC wildcard certificates or must I generate a SAN (Subject Alternative Name) Certificate.
View 5 Replies
View Related
Dec 20, 2012
We are running ACS 4.0 so understandably so we are looking to upgrading to a Cisco supportable version of ACS. The limitation of our current version of ACS does not support nested AD groups. The latest version of ACS (I think it is 5.4) will?
View 1 Replies
View Related
Nov 28, 2012
Whether ISE-3315-K9 with ise version: Service Engine: 1.0.4.573 , supports the command level accounting
Bascially , we have integrated Cisco Switches with Cisco ISE for Device Authentication using Radius , we are able get the authentication logs on to the devices , but for any command changes or update done on Cisco devices we are not able to get the command accounting.
View 1 Replies
View Related
Dec 15, 2011
Critical voice vlan feature, used to place a newly authenticating phone when radius server is dead into appropriate voice vlan, seems to be a new feature and I find the documentation to be incomplete. Do the following switches support this feature in any IoS versions? WS-C4510R, 4506, 3560, 3550,2960s.
View 1 Replies
View Related
May 25, 2011
I'm looking to implement ACS 5.2 using 802.1X, we have two seperate AD domains.A single switch will need to support both ADs, so if a machine in AD1 is connected, it will be authenticated to the ACS using AD1 and applied to VLAN1, while a machine that is in AD2 will be authenticated to AD2 and applied to VLAN 2.
I'm looking at machine authentication, not user authentication, so I assume that I will need to import two certs from each AD.
View 3 Replies
View Related
Sep 13, 2012
How many newtork devices can Cisco Secure ACSv4.1 support is there any limit on the same? How to get the Specs of Cisco Secure ACSv4.1 on the above grounds...
View 2 Replies
View Related
Sep 6, 2012
I generated a wildcard certificate for my company type *. [URL] in a CSS 11501. For the site [URL] worked fine, for the site [URL] didn't worked. I read on the web that should generate a wildcard certificate with subject alternative names. Is it possible in CSS? how can I do it?
View 5 Replies
View Related
Aug 3, 2011
I Have a requirement to migrate from ipv4 to ipv6, I have checked the scalability of all the devices for this migration except ACS 1113 Solution Engine, Version 4.2. I couldnt reach the proper documentation to check its support for ipv6.
View 1 Replies
View Related
Jun 8, 2013
how ISE support on third party LAN switch, if the requirement is doing 802.1X based flexauth.Refer to the diagram i attached; 01 topology.png
Concern 1: if the 3com switch with 802.1X feature, but still without the full feature to support FlexAuth, policy encforcement, DACL etc. In this kind of situation, will user still able to authenticate (using method PEAP-MSCHAP v2), but authorization just grant with permit any any?
Concern 2: Can i assume i authenticated the 3com switch using MAB? But this will cause endpoint with no 802.1X, am i right?
Concern 3: cisco switch C4507-E, loaded with IOS version Cat4500e-UNIVERSALK9-M, version 03.04 and Supervisor Engine :WS-X45-SUP7-E, is this platform is supported in Cisco TrusctSEC?
View 2 Replies
View Related
Oct 2, 2011
Is it possible on the CSS11503 to create a layer 5 content rule that matches a url "/*/_edit".
View 3 Replies
View Related
Sep 2, 2012
Using a Cisco 1800 series router (1802) with IOS 15.1(4)M2.I am quite sure the following should somehow be possible in IOS, but I can't figure out how to do it ... :I have the situation that I need to bind specific devices by DHCP to the same IP range.
These devices (medical equipment, used in hospital) are all from the same vendor.So the first three octets in the MAC address (Organizationally Unique Identifier , OUI) are the same for each device. The next three are always 'unknown'.I know how to bind a fully known MAC address to a host ip or ip range , but is it somehow possible to do this by the OUI ?Like using some wildcard option.
View 1 Replies
View Related
Mar 29, 2013
Region : UnitedKingdom
Model : TD-W8960N
Hardware Version : V4
Firmware Version : 1.4.0 Build 111130 Rel.55990n
ISP : DEMON
I'm using parental controls to block all devices in the house from using tumblr. I cannot do this at a device by device level as it is being used on iphones/androids, laptops and desktops.Unfortunately, the way that tumblr works is that it use many URLs for the different pages people set up so it is not just a case of blocking url... - so I'm struggling to work out if I can do this via URL blocking on the router settings. How to do this at router level.
View 3 Replies
View Related
Feb 16, 2011
can wireless router support up to 100 user including support network printer
View 1 Replies
View Related