Cisco AAA/Identity/Nac :: Secure ACS 4.2 On VMware ESX 4.0?
May 10, 2010We need to move from ESX 3.5 to ESX 4.0 a virtual machine running Cisco Secure ACS per Windows version 4.2.
View 10 Replies
ADVERTISEMENT
Cisco AAA/Identity/Nac :: ACS 5.4 VMWare Requirements
May 27, 2013I am reading up on the ACS VMware appliance installation instructions and am a bit confused on the disk space requirements. It says 60Gb is required and then goes on to talk about 500GB for the secondary instance. Do I need more than 60gb? Is the secondary instance a separate machine or part of the same one?URL
View 5 Replies View RelatedCisco AAA/Identity/Nac :: ACS 5.4 Installation On Vmware Workstation?
Jan 21, 2013is it possible to install cisco acs 5.4 on vmware 8 workstation ?
View 1 Replies View RelatedCisco AAA/Identity/Nac :: Recommended VMware Configuration For ACS 5.x
Feb 9, 2012Are there any recommendations for configuring the VM for the ACS 5.x? What are the required minimum CPU-Cycles to dedicate and also the minimum RAM to dedicate?
View 1 Replies View RelatedCisco AAA/Identity/Nac :: What Are VMware Requirements To Run ACS4.1.4
Aug 27, 2012What are the VMware requirements to run ACS4.1.4? Im trying to use a VM this as the migration server. According to the cisco docs, it states that: "ACS 4.1 has been tested on the VMWare ESX server with the following configuration:
•VMWare ESX Server 3.0.0
•16 GB of RAM
•AMD Opteron Dual Core processor
•300 GB hard drive
•Four virtual machines
•Windows 2003 Standard Edition
•3 GB of RAM for the guest operating system"
I understand it will work as it "has been tested" with those specs, but the doc does not state the minimum requirements for the virtual machine. I dont want to use/find 300GB of space if I only need 20GB(as an example) to make it work.
Cisco AAA/Identity/Nac :: Migration ACS 5 Appliance To ACS 5.1 Vmware
Jun 7, 2011I'm with problems to migrate the ACS 5.1 hardware to ACS 5.1 vmware. In my infraestructure I have a appliance with ACS 5.1 and I need to migrate to vmware to do HA. I installed vmware as the Cisco ACS recommendations. I made a backup of the ACS hardware and copied the local disk vmware ACS.
When I start the restore process after a few minutes an error occurs:
UMA/admin# dir
Directory of disk:/
33293306 Jun 08 2011 16:51:38 bkp-production-110608-1433.tar.gpg
5862 Nov 07 2009 01:06:32 favicon.ico.1
16384 Jun 06 2011 17:54:34 lost+found/
[Code]....
AAA/Identity/Nac :: ACS 5.0 On VMware Work Station 7
May 18, 2012I am trying to install ACS 5.0 on workstation, however once the install finsihes it reboots and I enter the Linux bash command line rather than the Cisco CLI.
Note - this is now fixed. I followed the steps here to install ACS 5.0 on VMware Workstation 7: url...
Cisco AAA/Identity/Nac :: ACS 5.3 VM Editing CLI Roles For VMWare Admins
Mar 7, 2012I have a client that is running ACS 5.3 as a VM in ESX 4.1. The client wants their VMWare admins to have the ability to shut down the ACS server during maintenance etc... I know I could create a CLI user with admin priviliges, however, assigning full admin priviliges is beyond the scope of what the user requires. They simply want a user account with the added privilige of performing a halt from the CLI. In the CLI Reference Guide for ACS.
So is it possible to create an account with user priviliges, then modify its permissions to allow for a halt?
Cisco AAA/Identity/Nac :: ACS Remote Agent 4.2.1 On VMWare Server?
Jul 17, 2011it's possible to install ACS Remote Agent 4.2.1 on VMWare server. Is it supported by Cisco?Do you have any experience with running the remote agent on VMWare servers?
View 2 Replies View RelatedCisco AAA/Identity/Nac :: Backup Admin Requested To Install VMWare Tools On ACS 5.3 Server
Nov 11, 2012to backup an ACS 5.3 vm running on ESXi 5.0 our backup admin requested to install vmware tools on the acs server.
View 2 Replies View RelatedCisco AAA/Identity/Nac :: Secure ACS 5.2 Appliance To Use Or Not To Use UCP
Nov 16, 2011All users are located in the local identity store.So - assume I do not implement ACS but I do turn on password expiration after 60 or 90 days. Will a user whose password is about to expire attempts to authenticate against ACS 5.2, will they be notified that their password is about to expire?Also, when a user attempts to authenticate but their password expired yesterday, will they be prompted to change it and if so, how will that prompt to change it be presented?
View 3 Replies View RelatedAAA/Identity/Nac :: Secure ACS 5.2 And Microsoft NPS?
Dec 6, 2011We're using Cisco Secure ACS 5.2 as a Proxy AAA server, using Active Directory as an External Identity Store. They are already synced and connected and thus I can login into the VPN using my Domain credentials.
But that's not enough. My client needs to limit who can and can't establish VPN session, I mean, the way it is now, EVERY single employee can do that if his/her credentials are valid in the Active Directory domain controller. So I need to do two things:
1) Using the Microsoft NPS server, via dialin attribute, allow or deny VPN sessions using ACS/ASA;
2) Using the company user credential attribute to identify which Authorization Group the requesting user should be in, Downloadable ACLs will then be applied according to the access policies created for each company.
Cisco AAA/Identity/Nac :: How To Configure Airespace In Secure ACS V5.3
Mar 10, 2013Cisco Airespace configuration in Cisco Secure ACS v5.3. We're migrating to ACS v5.3 but we're encountering an issue with Cisco Airespace. It is only working on ACS4.1 but when we tried to move it to Cisco Secure ACS v5.3, it is not working.
View 7 Replies View RelatedCisco AAA/Identity/Nac :: Secure ACS 5 For IP Address Assignment Via RADIUS?
Jan 13, 2013I want to use RADIUS (of Secure ACS 5.3) to authenticate users within an ISP environment. Users log connect to a network using a point to point connection (L2) and then they are sending a RADIUS request to get IP adresses. Secure ACS is not quite easy to look through in that case.
View 3 Replies View RelatedCisco AAA/Identity/Nac :: Patch Rollup For Secure ACS 4.2 Fails?
Jan 7, 2010I've got 2 freshly installed ACS 4.2 for Windows servers and I need to apply the latest patch rollup before I build the configurations. I stopped the ACS services and ran Acs-4.2.0.124.15-SW.exe to install the patches. The application begins running fine but fails on upgrading the database and then none of the ACS services would start. I was able to restore the files from the backup that runs with the patch utility and get ACS functioning again. What am I missing - does the patch rollup require any specific Microsoft Patches to be installed or something like that?
View 7 Replies View RelatedCisco AAA/Identity/Nac :: ACS 5.1 Configuring LDAP With Secure Authentication?
Mar 15, 2012I am setting up an LDAP identity store over ldaps in ACS 5.1. I specify that the connection uses secure authentication and provide the Root CA certificate. When I hit "Test Bind to Server", I get this error message in a popup window: "Connection test bind Failed :server certificate not found"Is this saying that ACS can't find the CA certificate uploaded, or does it mean the actual certificate presented by my LDAPS server during the bind test?
View 2 Replies View RelatedCisco AAA/Identity/Nac :: OS Lion Of Apple Do Not Authenticate In The Secure ACS 5.2
Jul 16, 2012I'm with one problem, my OS Lion don't authentication in the Secure ACS Version: 5.2.0.26.10.For the Mac Lion operating system to work you must put in execeção the MAC Address of your computer. I wonder how it could cause the OS to authenticate the ACS Lion.
View 1 Replies View RelatedCisco AAA/Identity/Nac :: Secure ACS 5.3 - Receiving An Alarm Notification?
Jul 19, 2012We are using version 5.3 with patch 5. Incremental and full backup are configured but every day we receive an alarm notification.
View 7 Replies View RelatedCisco AAA/Identity/Nac :: LDAP Or AD For External Database - Secure ACS 5.2
Sep 27, 2012I am working on project with Secure ACS 5.2. I am trying to determine the proper External Database to use. LDAP or direct to AD?
Additionally, the Domain that I am connecting to has Multiple sub domains. All of the users are currently in the Sub domains, but will be moving to root domain later. How should I configure the connection, do I need to connec to each sub domain or can I just connect to the root?
Cisco AAA/Identity/Nac :: Secure ACS 5.2 Appliance - High Availability
Sep 1, 2011I just want to know if i need to support High Availability in Cisco Secure ACS 5.1 appliance, will the base license suffice or do i need to buy Security Group Access System License/ Large deployment License. Again, do we require license for each appliance or just one is enough?
I Suppose the licensing rules are same for the Vmware version also.
Cisco AAA/Identity/Nac :: 2960S Web Authentication With RSA Secure-ID On Switch
Feb 4, 2012I've recently been looking into linking in our Cisco 2960S Gb Switch with RSA SecureID via Radius.I've already managed to link it in for ssh access
but I've not managed to get it working for http / web access to the switchI think this is because we're using "single use" tokens for maximum security with RSA Secure-ID and the web interface attempts to authenticate multiple times against the Radius part of the RSA SecureID server (okay on the first authentication, but each time after it's going to want a different token code)
(if there's a way to get the switch to just authenticate once instead of multiple times against the radius server) For info the switch is a WS-C2960S-24TS-L with IOS 15.0(1)SE2
AAA/Identity/Nac :: Secure ACS 5.1 Users Disabled Intermittently
Nov 14, 2012We're running Cisco Secure ACS V5.1 on a Linux platform to manage remote access to many networking devices. This has not been in place long, and is generally working OK. However, whenever I set the parameters of the user authentication to 'disable user account after X days if password was not changed', so as to comply with our internal security regulations, the user IDs seem to disable themselves intermittently, irrespective of whatever number of days I put in this - this can be a couple of days after re-enabling, or just a few minutes.
This can be found in the advanced tab here: System Administration > Users > Authentication Settings.In the mean time, we are having to set the user authentication to be non-expiry. Is this a known fault with this version of software? If so, would there be a patch available, and how would I go about obtaining it?
AAA/Identity/Nac :: Use Cisco Secure ACS 4.2 To Enable Command Authorization Using TACACS?
Nov 5, 2011provide a sample configuration to use Cisco Secure ACS 4.2 to enable command authorization using TACACS.
View 8 Replies View RelatedCisco AAA/Identity/Nac :: Delete Proxy Configuration On Secure ACS 4.1 For Windows?
Feb 6, 2012We have a pair of ACS 4.1 servers (Windows Server 2003 R2). Let's call them ACS1 and ACS2. We don't want either one of them to proxy to any AAA server, including each other. We're using mostly TACACS authentication.
While troubleshooting a general problem, I'm guessing that one of us did this on ACS1:
pressed the Network Configuration button,saw the Proxy Distribution Tableclicked (Default)moved ACS1 from the AAA Servers column to the Forward To column.
So, essentially, we're telling ACS1 to proxy all requests to itself, which doesn't seem to make sense. I don't know for sure whether it should work when configured to "self proxy," but in that state, it does not authenticate anyone and gives merely "Internal error" as the reason.
If I change the configuration so that "ACS2" appears in the Forward To column, and I move "ACS1" back to AAA Servers and restart, ACS1 starts responding correctly to TACACS requests. Of course, ACS1 is just proxying all requests to ACS2, so having two servers isn't doing much good.
I cannot simply remove ACS1 from the Forward To column and leave it empty. The interface complains that it can't forward to zero servers. Of course, on ACS2, there are no servers in the Forward To column, since we never touched the Proxy Distribution Table there.
Is there any way to return the Proxy Distribution Table to its default setup, that is, no servers appear in the "Forward To" column?
We're planning to upgrade to version 4.2 very soon, so this question is mostly academic, unless the same problem exists in 4.2.
For full disclosure, I should mention that the problem we were troubleshooting was loss of connectivity to our Windows Domain Controllers from our ACS servers. We had missed adding some exceptions in our firewalls to allow for four new DCs. As far as we can tell from testing, connectivity to the DCs is now fine. The firewall rules group ACS1 and ACS2 together, so connectivity should be the same, and ACS2 authenticates users correctly.
Cisco AAA/Identity/Nac :: How Many Network Devices Can Secure ACSv4.1 Support
Sep 13, 2012How many newtork devices can Cisco Secure ACSv4.1 support is there any limit on the same? How to get the Specs of Cisco Secure ACSv4.1 on the above grounds...
View 2 Replies View RelatedCisco AAA/Identity/Nac :: Configure ASA 8.4 To Communicate With AD Environment Using LDAP Secure?
Jul 30, 2012I'm trying to configure an ASA to communicate with an AD environment that is only using LDAP Secure (LDAPS). I've configured authentication to ASA's with LDAP lots of times, though never with LDAPS.
Presumably there is a procedure to install a certificate in the same way as an RSA sig in VPN.
AAA/Identity/Nac :: Upgrade From 5.1 To 5.2 By Having Smarnet On 1120 Secure ACS Appliance?
Mar 13, 2011Am I entitle to upgrade from 5.1 to 5.2 by having smarnet on my 1120 Secure ACS Appliance?
View 1 Replies View RelatedCisco AAA/Identity/Nac :: 5510 Assigning A User Group Using RSA Secure ID RADIUS Server
Feb 3, 2007We have several ASA 5510 firewalls which are being used as VPN gateways.RSA SecurID is the authentication mechanism using native SDI connectivity. No ACS server is being used.Is it possible to assign user Group and other attributes (such as ACL), using the SecurID RADIUS server? I know this is what the Cisco ACS is for, but is it possible using the RSA RADIUS server itself?
View 11 Replies View RelatedLinksys Wireless Router :: E1000 Secure And Non-secure Hotspots
Jul 12, 2011When setting up my e1000 router for a secure domain it automatically opened a non secure one that my neighbors are using. How can I cancel it?
View 2 Replies View RelatedCisco VPN :: ASA 9.1 WebVPN VMWare VDI
Feb 28, 2013In Cisco ASDM 7.1(1), webvpn configuration, it is possible to configure bookmarks with "vdi://" links to Citrix's or Vmware's Virtual Desktop Infrastructures, but we couldn't find any configuration resource (conf guide) on official Cisco site: if it is actually possible to integrate Vmware View Client into ASA 9.1 WebVpn solution?
View 1 Replies View RelatedCisco :: What Vmware Have To Use To Install Cucm 7
Apr 18, 2012What vmware i have to use to install cucm 7. vmware workstation 7 or vmware server or exsi 4 or 5. Any correct link to download and vmware config settings.
View 2 Replies View RelatedCisco Wireless :: License For WCS 7.0 On VMware?
Apr 24, 2012One of our clients is going to install WCS on a Vmware machine and uninstall it from the physical server. He wants to know if he can use the same license or get another one; since he will get a new Mac address with the new VmWare machine.
View 1 Replies View RelatedCisco :: ACS 5.4 Installation On Vmware Workstation
Jan 21, 2013is it possible to install cisco acs 5.4 on vmware 8 workstation ?
View 1 Replies View Related
