Cisco AAA/Identity/Nac :: Upgrade ACS 4.1 To 4.2 - Authen Session Timed Out / Challenge Not Provided By Client

Jun 17, 2010

I have upgraded Cisco ACS from 4.1 to 4.2, I have Cisco Access Control 1113 apliance, as soon as I upgraded I am getting error in failed logs "Authen session timed out: Challenge not provided by client", what is wring with this?

View 4 Replies


Cisco AAA/Identity/Nac :: ACS 5411 - EAP Session Timed Out

May 25, 2012

I am using ACS 5.3 for certificate based authentication for lan workstation. Now few times I received this message from ACS.5411 EAP session timed out : EAP session timed out?

View 1 Replies View Related

Cisco AAA/Identity/Nac :: ACS 5.3 - 5411 EAP Session Timed Out

Sep 3, 2012

I've got ACS currently authenticating wireless users - using EAP-MSCHAPv2.  There are a large number of failures being reported as:

View 4 Replies View Related

Cisco :: EAP-FAST With ACS 5.3 And WiSM - 5411 EAP Session Timed Out

Dec 13, 2011

In our setup we have WiSM modules installed on cisco 6506-E, ACS 5.3 virtual appliance. We are trying to implement EAP-FAST for our Wireless using WPA/WPA2 802.1x on the WLC side. 
I have followed the instructions in the following document step-by-step: [URL]
Still I have no success. Tried most of the permutations on ACS EAP-FAST configuration.

View 2 Replies View Related

Cisco Switching/Routing :: Any Challenge To Upgrade Core Switch 6500 Series From Nexus 7009 Which Runs NxOS

Jan 28, 2013

Is there any challenge to upgrade core switch 6500 series from Nexus 7009 which runs NxOS, because i have 3750X series switches connected at distribution and access layer in my network topology??
Is there any challenge if we place NxOS in core and IOS in distribution and Access layer??? how we are able to match sh run config in existing 6500 switch to Nexus 7009 NXOS?

View 9 Replies View Related

Cisco VPN :: Client Get Connect But Request Timed Out When Ping 837 Router

Apr 30, 2013

I'm using the cisco 837 router as my VPN server. I get  connected using Cisco VPN Client Version 5. But when I ping the router  ip, i get request timed out. Here is my configuration :
Building configuration...

Current configuration : 3704 bytes
version 12.4
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec

View 7 Replies View Related

Cisco AAA/Identity/Nac :: ACS 5.2 Timed Out For AAA Clients

Aug 16, 2011

I have 2 ACS 5.2 (VMWARE) in my network configured as primary and secondary. When my AAA clients are configured for Primary ACS authentication works fine.But the clients configured with secondary  fails authenticating.My replication status  of the secondary box is showing UPDATED.

View 1 Replies View Related

Cisco :: Log Client Based VPN Session?

Feb 28, 2011

Is it possible to log when a user connects/disconnects their VPN session? They are connecting to an asa 5510.

View 5 Replies View Related

Viewing Client PC Information During RDP Session

May 21, 2012

My IT Department has recently installed Kaspersky Endpoint Security 8 on our laptops. Through a conversation with my IT guy I found that they can literally see what we are installing/uninstalling, surfing etc on our machines. When I am at home I am connected to my own private wireless network with my work laptop and I RDP to my home computer to surf/download files etc to my home machine. My question is, can my IT department track what I am installing/surfing on my home PC that I am connected to RDP? I was thinking of putting my RDP on the outside so I can connect to my home network and surf securely without my IT department keeping tabs on my history.

View 1 Replies View Related

Cisco AAA/Identity/Nac :: Session Duration On ACS 5.1?

Aug 15, 2011

IPSEC VPN users are using ACS for extended authentication, whenever authentication is made, entries are available on ACS, now i need the session duration info on ACS, that means total time during which the user was active should be available.
i have enabled accounting globally on the ASA firewall through aaa accounting enable console ACS and also enable accounting in the tunnel-group itself, to which the user is using.
on ACS 5.1 ,i could not find any option / TAB that can give some information on the session duration.

View 3 Replies View Related

Cisco Wireless :: WLC 5508 With 3600 And 2600 AP - Client Down / Session Timer Is Turned Off

Apr 9, 2013

I have a strange issue with clients connected to a WiFi network.I have configured AP in FlexConnect mode and 2 SSID's. After a reboot of the AP the network is stable for almost 45 mins. Then each client will go UP and Down, mostly with a delay of 5 mins.
What could be the source of this. The clients are Windows CE handheld with fixed IP adres. I already configure persitent client and have play arround with APR timers as well. Thereby an Windows desktop or an iPad has less connectivity issues but even they expert pakcteloss once in severall minutes.
Session timer is turned off
The iPad for example can play music, but each 5 mins you hear a little hickup and 2 subsecond ping are loss.
Controller version is 7.3

View 6 Replies View Related

Cisco AAA/Identity/Nac :: 5411 EAP Session Timeout With ACS In WAN

Jan 19, 2012

We're having trouble trying to deploy 802.1x authentication on a brand new site.
Our primary and secondary ACS are located in Paris and the new site located in Toulouse, France. Both sites are connected through the WAN. Everytime a computer/user connects to this new site in Toulouse, ACS 5.2 sends a "5411 EAP session timeout" error message.

View 9 Replies View Related

Cisco AAA/Identity/Nac :: 2347 - Update Is Not Active Terminal Session-Timeout

Aug 15, 2011

Our company has installed ACS Version: Internal Build ID: B.2347 with patches: 5-1-0-44-5, 5-1-0-44-6. The security policy of our company includes a password change every 3 months. Our programmers had written a script that allows us to do it. When testing revealed that the script does not work. This is due to the fact that it is not possible to enter the mode "acs-config". In determining the reasons it was found that to enter this mode there is a limit on sessions (6 sessions). When the number of connections becomes larger than 6 then the script does not work. The documentation says that the update is not active sessions is set with terminal session-timeout. In this case, the terminal session-timeout 30. But after 30 minutes of the session will remain active. It interferes with our script.

View 1 Replies View Related

Cisco AAA/Identity/Nac :: 750-1000 Devices / Maximum Accounting Session ACS 4.2 Can Handle

Aug 7, 2011

We have Cisco ACS 4.2 in our network and the accounting is done for 750-1000 devices and only for level priv-15.If i want to enable accounting for all levels from priv-1 to 15. All commands executed in devices are sent to ACS. Does the ACS can that much sessions from those many devices?Am also planning to configure acs remote agent to store all the accounting history.

View 1 Replies View Related

AAA/Identity/Nac :: CSACS-1121-UP-K9 - Possible To Upgrade It Being Non Upgrade Part

Sep 10, 2012

Is it possible to upgrade the CSACS-1121-UP-K9 to be a non upgrade part? We were going to upgrade from a Windows 4.x to the above Appliance (version 5.x) but there is now a reason to keep the old Windows version running therefore we cannot give the new Appliance the old ACS's licenses?!So we should have (with hindsight) bought a fresh version of the ACS 5.x rather than an upgrade.

View 1 Replies View Related

Cisco WAN :: 1841 - Limit Bandwidth Provided By ISP

Jun 21, 2012

we have a bandwidth pipe terminating on 1841 BVI interface... now we want to limit all the traffic going from inside to WAN circuit to half... for example 10 Mb pipe we want to reduce to 5 mb on bvi interface.. how this can be done .. as of not there is not need to police any specific type of traffic .. this needs to be done for any traffic from inside to outside...

View 1 Replies View Related

Can't Connect To Apartment Provided Internet

Aug 23, 2012

I recently moved into a new apartment complex where Internet is included with the rent, meaning that I do not have a personal Internet connection. Instead, the apartment company has a general connection along with a router on each floor of the complex. They then wire out from that connection to an ethernet port in each apartment. Because of that, calling the Internet company doesn't work because they can only tell me that the router on my floor is getting an Internet connection (and unfortunately my apartment is too far away from that router to have signal strength to use it for wireless). Most tenants plug their personal routers into the ethernet ports and use them for wireless connection within their apartments.

When I try to plug my router in, I cannot connect. I get an error message saying that there is no Internet connection. When I plug my Mac directly into the ethernet port, I still get no Internet connection. I've even tried plugging my netbook (PC) in, and get nothing. I have tried network diagnostics, I have used multiple ethernet cables, nothing. The previous tenant apparently plugged her router into the same ethernet jack I am using and had no problems. She has been gone for a few months, and now I cannot connect.

View 1 Replies View Related

Cisco :: LIC-10001 Migration File Provided Is Not Valid

Jun 6, 2012

I am trying to upgrade/migrate my WCS license file, via XML export, through the Cisco licensing portal and I keep getting the error listed above.

View 1 Replies View Related

Cisco VPN :: ASA 8.2(2) - Upgrade AnyConnect Client To 2.5.2019?

Apr 16, 2013

I have noticed that the error "unable to process response from x.x.x.x"  when using anyconnect is very common and that the actions to handle it are different. Right know I have the same issue. Let's name it "the message" =)
We are running:
ASA 8.2(2) . AnyConnect 2.5.1025
In my scenario, we used to be able to connect to the ASA using AnyConnect but suddenly it stops to work showing "the message" =) We did this procedure, but it did not worked for us


My first question would be:
How can I obtain more information so I can get a better idea to handle "the message"?

The next step I am about to do is upgrade the AnyConnect Cliente to 2.5.2019. According to the release notes, this versión is supported with ASA 8.2(22)

I also notice that the AnyConnect client can be install with a component named Cisco Diagnostic and Reporting Tool (DART). Does this tool could be usefull to troubleshoot "the message"? What kind of information does DART can give us? Were can I find the files it captures?

View 6 Replies View Related

D-Link DIR-825 :: How To Add U-Boot Sources To Provided Archive

Feb 24, 2011

The bootloader used by the device is U-Boot, which is also licensed under the terms of the GPL. Sadly these parts are missing from the source code package provided by D-Link. Therefore I am asking you to add the U-Boot sources to the provided archive or post them here in the forum.

View 12 Replies View Related

Adding Wireless To Internet Provided By Building Owners

May 2, 2012

We are leasing an office space from a building that has it's own network center. This center can be used by each office/company to either house their own networking solutions or utilize their internet access if you plan only to use cloud servers or NAS servers. Our company (4 employees) is using this network center only for internet access with all of our data stored and accessed in our cloud service.We would like to access the internet wirelessly, which building does not provide. We were given one port and shared the link through the use of a switch. So my questions is would an access point add wireless connectivity without any information (ISP?) provided by the network center? I am not sure yet if we will be purchasing a router/AP or device made for to be used as an AP.

View 1 Replies View Related

Linksys Wireless Router :: WRT160N Any Way To Install Without Using CD Provided

Jan 1, 2013

We currently get our internet through a small company that only uses a static IP and I cannot get our WRT160N router installed so I can manually set up our internet connection.  Is there any way to install the router without using the CD provided.  I keep getting the error code 322 during installation.

View 1 Replies View Related

Cisco Infrastructure :: CS2811 - Maximum Speed Supported For IMA Service Provided

Dec 14, 2011

Can we use all four E1 (i.e.  8Mbps) connections for IMA on IMA-4E1 card in a CS2811 router. What is the maximum speed supported for IMA service provided?

View 3 Replies View Related

Networking :: Second Separate Network Using Single ISP Provided Address D-Link DI-624

Nov 25, 2011

I have a standard home network consisting of internet access provided by my cable company which is then disseminated to a variety of wired and wireless devices via a router.

I would like to create a second wireless network that is separate from my current one. This new wireless network would have extra access controls including access restrictions to some web sites using both IP address restrictions and using the OpenDNS DNS servers.

The picture below illustrates the current configuration. The question is: how can I connect ROUTER B to the internet using my current equipment (without buying another IP address from the cable company)?

MODEM --> ROUTER A --> ANTENNA <------> COMP 3
1 2 3 4
| |
| |
COMP 1 <---' | W
| ?? <--> ROUTER B --> ANTENNA <---> COMP 4
COMP 2 <-----' 1 2 3 4

W = WAN port

So, in the above picture, COMP 4 is connected via wireless to this second network and cannot access anything on the first network and uses different different DNS servers.

In case it matters, ROUTER A is a Linksys WRT54GL while ROUTER B is a D-Link DI-624.

View 1 Replies View Related

Cisco AAA/Identity/Nac :: ISE Client Provisioning With WLC 7.3

Mar 5, 2013

i have the following challenge. I will try to be synthetic.
WLC 7.3
Wireless clients, dot1x eap peap, posture required.Clients should download the nac agent through redirection.the access list is correctly applied on wlc.The challenge is, it works for http traffic, but dont work for https traffic or if the browser is using a proxy (port 3128, 8080 etc).

View 4 Replies View Related

Cisco AAA/Identity/Nac :: Upgrade ACS 5.1 To 5.4?

Nov 28, 2012

I'm not able to find any clear process/documentation on how to upgrade 5.1 to 5.4, so I have assumed that it will be a 2 stage process...Upgrade from 5.1 to 5.3 (or 5.2) Then upgrade to 5.4?

View 9 Replies View Related

Cisco AAA/Identity/Nac :: Upgrade From ACS 4.2 To 5.1?

Jan 4, 2012

We only need to the Local User info to be transferred to the Ver5.1.

View 15 Replies View Related

Cisco AAA/Identity/Nac :: ACS 4.X Upgrade To 5.X?

Apr 18, 2013

Any issues migrating ACS 4 to 5?

View 3 Replies View Related

AAA/Identity/Nac :: Upgrade ACS 4.2 To 4.3?

May 8, 2013

I have some requirement where I need to upgrade the ACS 4.2 to 4.3, are there many upgrades available from Cisco on this ?

View 5 Replies View Related

AAA/Identity/Nac :: ACS VM Upgrade From 4.0 To Than 5.3?

Nov 7, 2012

I want to upgrade the Cisco ACS ver from 4.0 to running on VM envoinment with primary and scondary server. I have tried to find documents related this upgradation.

My target is:


Secondly I wanted to know that this upgradation would possible for VMs or not. and this upgratation (4.0 to could be possible on demo license?. because I have orderd to Cisco L-CSACS-53VMUP-K9 and CON-SAS-CSACS3V.?

View 4 Replies View Related

Cisco AAA/Identity/Nac :: AD Authentication For VPN Client 1812

Dec 26, 2011

I am using Cisco 1812 as EZVPN server. I want to use Active directory for VPN user authentication. I am trying from couple of days but no success.With ASA, i am able to authenticate against AD, but not with IOS router. Below are my configurationsIf kerberos authentication is not possible, I would like to know the possibility of using AD as ACS external database. I am running both AD and ACS in the same server. If i can integrate AD with ACS, i can use TACACS or RADIUS for the authentication.

View 3 Replies View Related

Cisco AAA/Identity/Nac :: How Can LDAP Client Connect To ACS 5.2

May 8, 2011

I have an CS-ACS appliance with version. There is not any direct solution for connect ldap client to server. I have 3 servers that have only ldap and for authentication I can not use radius or Tacacs+. I need a solution for this problem. How can LDAP Client  connect to ACS when it has only ldap protocol?

View 1 Replies View Related

Cisco AAA/Identity/Nac :: Upgrade An ACS Server From 5.0 To 5.1?

Dec 7, 2009

I'wont to upgade my ACS server to 5.1 . I wont to use Active Directory .  it's seem that  in my curent version AD is not supported !

View 12 Replies View Related

Copyrights 2005-15, All rights reserved