Cisco :: Integrating WCS 7.0 With ACS 5.1
Jan 6, 2011
Trying the config as depicted in the WCS 7 config guide? I have tried today to integrate WCS 7 with ACS 5.1 and got a partial success. I have created a unique Shell Profile that invokes for the WCS only which contains 1 role (role0=Root) and 73 task entries (as copied from the WCS group pages) and I can log in to WCS with the new account, but some things I dont appear to have priviledges for, such as Reports. Is there any way to debug which task WCS thinks I dont have to do this?
View 8 Replies
ADVERTISEMENT
Mar 11, 2012
I am using Cisco LMS 3.2.1 with ACS 5.1, actually, i want to integrate my Cisco Work with ACS 5.1 in AAA mode i already setting up the AAA mode to Cisco ACS, when i apply the configuration, i got failed as image attached.
What should i do to resolve the problem ? i have configure the ACS in Network Devices and AAA Client, i have added the Cisco Work Address to ACS, but i got the same error.
Besides, would you like to give me some explanation about the function of AAA mode Setup on Cisco Work,
is it used for User Authentication to logging in to Cisco LMS, or is it used for discovery process (Credential Information) when we want to add some devices into Cisco LMS ?
View 3 Replies
View Related
Jan 4, 2012
I am trying to populate the LMS 4.1 components to ACS.
View 2 Replies
View Related
Aug 13, 2012
I need to integrate a 2504 WLC with a windows 2003 LDAP server for extented authentication, is there any guides available for this ?
View 1 Replies
View Related
Mar 10, 2012
I am using ACE30 having s/w version: 4.2. I am using ACS 5.2
I have used the below commands to add ACE with ACS for AAA.
tacacs-server key 7 "nacs0wvd!q"
tacacs-server host 96.86.76.66 key 7 "nacs0wvd!q"
tacacs-server host 96.86.76.67 key 7 "nacs0wvd!q"
[Code].....
I am getting authenticated by ACS, but the problem is authorization is not happening. In ACS, i have just added the device IP using TACACS+.
View 0 Replies
View Related
Jan 2, 2013
I have 3 Cisco AP 1140 at my customer (Service Industry) place, so they requenst us to provide Hotspot solution to them for managing the Internet connection for limiting to their Customers over the account system. Let me know how i can integrate hotspot BOX with Cisco AP.
View 3 Replies
View Related
Nov 11, 2012
We have a WLC 4404 with about 85 1121 and 1241 APs. - I just added 6 new 3501E with Antennas, and configured the a new SSID, but non of my clients can connect to any of the 3501s. One solution from a tech was to update the NIC drivers. I verified that all test clients are 802.11N and sometimes they find the 3501 but often they switch to another of the older and weaker 1121 or 1241s. On one test I had a 3501 just outside his room and his client nic was picking up a weak signal 2 floors up, then it would go to one 1 floor down. eventually we could get it to feed of the nearest 3501 but it would go back to another 1121 or 1241 soon thereafter,.
View 5 Replies
View Related
Feb 2, 2012
I know nothing about Tablets (iPad or Android) or their operating system. My wife is interested in getting a iPad 2 or Android tablet.
I have a home WiFi network based on two laptops and a desktop. They are all running Windows OS. I also have 3 external drives and two printers USB wired into the main desktop.
I have two questions:
1) Will I be able to integrate an iPad/Android tablet into the Windows home network so as to be able to access the .jpg photographs on the desktop drives?
2) Will the tablet be able to output work to the printer attached to the Windows Desktop?
View 3 Replies
View Related
Nov 20, 2011
I have a single production 5510 with 2 contexts. Now I want to integrate the secondary failover unit. My question is: How much configuration needs to be done on the secondary firewall? How much of the configuration will be sync'd from the primary to the secondary when the secondary is connected?
For example, do I need to add the following on the secondary or will it be sync'd from the primary?
admin-context NAME
context NAME
allocate-interface Ethernet0/0.14
[Code].....
View 3 Replies
View Related
Dec 17, 2012
We have an existing network with a Catalyst 4510 core switch and departmental 3560 switches connected via fiber. Due to company restructure we can no longer afford to buy new 3560's when anything goes wrong so this week I purchased an SG200-26 which I'm trying to get onto the network.
This is a legacy network which I didn't setup so my Cisco skills are somewhat limited (another reason for the SG200's hopefully), anyway have been looking at the configs on the existing switches and trying to match settings in the SG200 setup however not getting anywhere! I have the config from the dead switch so I can show what needs to be achieved, any experience in downgrading environment in a similar way?
View 7 Replies
View Related
Mar 7, 2012
I've just started a new job after a couple of years not touching cisco gear and been pitched in... My new employer has a network that's Juniper based. We've inherited a load of Cisco switches as part of the deal for hosting matches during the Rugby world cup (plus a load of Aruba wireless gear that promises to be my very own special millstone, but that's bye the bye.)
My task is to hang these catalyst 2960's onto our existing infrastructure via fibre connections.
On the Juniper switch, there are four vlans being pushed to the port the cisco's hooked into: Code...
View 7 Replies
View Related
Nov 1, 2011
Here is the scenario: A mid-sized IP based camera network (150 cameras, 1 management server, several client workstations, and several recording servers) has been implemented on a stand-alone LAN utilizing a class C configuration and is set up as a windows domain. The user now wants to add the ability for workstations on the existing class B network to connect (with client software) to the management server on camera network, network is controlled by enterprise sized domain (Think county). Access is controlled by camera system client software credentials. Here are my questions:
1) What is the best way to do this and what hardware is required? I thought about just adding a NIC to the management server but am concerned about the 2 different domains playing well together. Would a router be best? What do I need to consider as far as setting up firewall and/or gateway?
2) What considerations do I need to take into account regarding the camera network not taking bogging down existing user network?
3) The workstations on the camera network are not as “locked down” as they are on the user network (again, think county network security). Will I be creating a security hazard and if so, how can I prevent this?
View 4 Replies
View Related
Jul 13, 2012
At the moment I have my home network (192.168.0.0/24) like as below (all connect using straight cables): [code] My Cisco lab equipment are in the basement all connecting to an access server which at the moment is plugged into Switch3-dumb (along with a printer & NAS).What I'm thinking is to replace the Switch3-dumb with a 3550 I'll be picking up later this week.Then using this to do as the Switch3-dumb did maybe by creating a native 'vlan 192' & putting it into a gig interface which will connect to the network using the straight cable, also putting the printer & NAS into the same vlan.This will hopefully still give me connectivity throughout.Then when required I'll like to use the 3550 with the rest of my Cisco equipment for setting up different labs (segmenting them from the home network by using different vlans etc.One of my reasons to implement the 3550 into the home network is to be able to play about on a regular basis (port monitor, traffic stats, etc).
View 2 Replies
View Related
Jul 20, 2011
I'm trying to test fast roaming using a Cisco 2100 Series controller and 2 1140 APs. The initial authentication succeeds fine and the wireless connection works ok using WPA2+CCKM and LEAP with a Cisco ACS radius server.The problem is that the client does not attempt to preauthenticate with the other AP because the RSN Capabilities IE in the AP beacons and probe responses do not set the RSN Preauthentication capable bit. I can't figure out what it takes to get the APs to indicate to clients that it can do preauthentication. I'm been crawling through all the documentation I can find, to no avail.
View 1 Replies
View Related
Aug 22, 2011
We are about to share a 10 MBit ISP connection with 2 others companies, and they are going to split the bill up into 3,3 and 4 Mbit, so we where thinking that we could setup a switch before their and ours router and provide them with a static IP from our ISP. But is it possible to set a bandwidth limit on the ports of a Cisco Catalyst 2960-8TC, so that we can set a limit of 3,3 and 4 on 3 ports.
View 1 Replies
View Related
Dec 3, 2011
I want to PAT my project of WLAN and i attached the document, how I create the Testing Criteria of the said scenarios, PAT document includes WCS 7.0, WLC 5508, MSE 3310, Cisco AP 3502e and ACS 4.2.
View 0 Replies
View Related
Jul 12, 2012
I have cisco ASA5510 firewall using in my network but unable to bolck Url's unwanted. can i block the [URL] on the asa by using regular exp.
View 3 Replies
View Related
Mar 1, 2012
I have 7 POE switches that have ESI IP phones attached. I have two VLANS, 1 and 2. VLAN 2 is used for voice and is defined in each switch.The ESI IP phones connect to my POE switch ports and the pc attaches through the ESI IP phone.
I have had voice quality issue between floors in my building. Talking to others on my floor via the IP phone, there are no voice quality issues. [code]
View 1 Replies
View Related
Nov 18, 2012
is it possible to connect Cisco Ap-1242AG with non-cisco wireless router to work as repeater?
View 1 Replies
View Related
May 1, 2012
I am looking at a config on a 5550 FW, and am trying to make sense of the syntax of the following rules. I have been to the Cisco site, but can't find much on the syntax.
View 8 Replies
View Related
Mar 10, 2011
I currently use a device called the Access Enforcer which runs OpenBSD. I have 3 stable, working VPN tunnel's where the other side's device is a Cisco ASA 5520 or 5540. I was setting up my 4th VPN where the other side used a Cisco ASA 5520 and ran into issue's. The Cisco side can bring up the tunnel. Once the tunnel is up each side can talk to the other side. However, when the tunnel is dropped, the OpenBSD side cannot bring up the tunnel. The error received is on the OpenBSD device is "isakmpd[29581]: transport_send_messages: giving up on exchange from-XX.X.X.0/24-to-XX.XXX.XXX.240, no response from peer XX.XX.XXX.141:4500". I have been trying to figure this out for weeks now and can't seem to find the cause.
View 3 Replies
View Related
Dec 5, 2011
I am trying to configure a 3750G that has been sitting on the shelf for several months and am getting the following error -
% Error: Unable to create flash:/microcode_update% Error: It must not already exist
Normally, getting an error during POST isnt a good thing. My first thought was that flash was corrupted or flagged RO somehow. I did fsck flash: with no change. I next tried fsck /test flash:. It tested 77 blocks and performed 0 erasures. It had been running for about 15 minutes with no problems reported so far. Multiple reboots of the switch still report the same error.
I have reviewed the history of what I have done on this switch and finally think I found the problem. I noticed a microcode_update directory that I am not used to see on a 3750. Deleted the directory using the rmdir command and rebooted the switch. On reboot, I noticed that a front_end/ directory was listed as being created as well as fe_type_1 and fe_type_2 were created. The switch now boots up without any errors.
View 3 Replies
View Related
Jan 3, 2013
I have two Cisco Aironets 1401 connected to a Cisco Catalyst 3560 Switch. When users log onto the Wifi the APs authenticate with a Freeradius that then authenticates with LDAP.
Recently users have been getting kicked off of the network but I'm not sure why.If so how do I set these APs to roam with my setupd?For all I know there could be an issue with the switch I'm just not sure where to start when it comes to troubleshooting this issue.
View 17 Replies
View Related
Dec 29, 2012
Guys I am using a cisco 2911 router with three interfaces: Gi0/0 connected through a switch to all my servers and Gi0/2 which will connect to another server, and Gi0/1 is my outside interface connecting through a switch to two ISP's.I have webservers and Terminal servers/File Servers with 10.0.0.0 network address connected throught My Gi0/0 interface.Now I want to implement a Cisco Advanced firewall for security on my router using CCP.I want the firewall to work such that it allows external users to access the servers on Gi0/0 through ports 0,23,25,20,21,53, 110,3389. and to access the SIP server on Gi0/2. My issue is can i just create two DMZ's for both interface Gi0/0 and Gi0/2 without creating an inside zone and Gi0/1 as outside zone as my internal traffic is mostly server based and the users connect remotely through terminal server to access resourcess using RDP, secondly how do I open the relevant ports.I have checked alot and all I have seen is just basic process on using the wizard I have no idea how to go about this issue.
View 19 Replies
View Related
Mar 30, 2011
I bought a new cisco 3550 switch to prepare for my Cisco certification prepration. Actually i dont know how to connect the cisco switch to a laptop with only usb ports....... earlier i used to do my practise using Cisco packet tracer but i think for CCNP switch that is not enough thats y i bought second hand switch. how can i connect that switch with my toshiba laptop which has only USB ports. do i need to buy some sort of convertor or other hardware. And if so what does u call it and how much does it cost?
View 5 Replies
View Related
Apr 14, 2013
I am struggling to have my PPTP traffic to get routed through NAT to reach other Server LAN segment. I am using Cisco 2921 router as a PPTP server.This Cisco 2921 router is working as PPTP server and doing NAT also to reach Server LAN segment (LAN-B).My problem is after PPTP connection establishes I cannot reach any of the LAN segment, but after connecting PPTP I can browse Internet without any issue, but none of the LAN element is reachable. Please have a look on the configuration I am posting 2921 router configuration to suggest something, I have also attached the network setup for better understanding…Just to update Clients in LAN-A can access Internet as well as servers (LAN-B). [code]
View 2 Replies
View Related
Dec 8, 2011
I would like to know the IOS which supports :ACL Support for Filtering on TTL Value feature on my Cisco 7600 device. I check on cisco and found the Cisco 12.4T release but this software doesn't fit onto my chasis. which software should I upgrade to on my cisco 7600 to have this feature.
View 5 Replies
View Related
Feb 27, 2012
I have a cisco router I would like to reset the password for. Its the first password that is entered. for exampleUser access verificationPassword:I have changed the en password using this command:router(config)#enable secret cisco123 <---example password
View 5 Replies
View Related
Jul 19, 2012
I finally got the Site to Site Vpn from our corporate to remote site. Is there a way to connect a cisco phone over that network. Since both Voice Vlans are exempt from acl I would imagine all traffic is clear to go accross? and if so I just have to set the phone to our tftp/ccme. Will that work.
View 2 Replies
View Related
Nov 6, 2011
I want to create a user who only has access to "router>" prompt on the CLI. this user should not be able to do enable command and by no other means be able to go to global configuration mode. I know the command router(conf t)# username ABC privilege 1 password ABCPASS, but even with this command, this user gets privilege 15 access.
View 2 Replies
View Related
Dec 27, 2012
I have the CISCO 1800 and I have there the HWIC-2T. I have two questions.First is an easy one. I want to replace the HWIC-2T with HWIC-4T but the CISCO 1800 guide and the HWIC-4T guide says that they dont fit together but I inserted the HWIC-4T in to the CISCO 1800 it recognized him with all the 4 Smart Serial ports that it hase. The question is, how can I check if the CISCO 1800 supports the HWIC-4T?Second question is how can I configure one of the Smart Serials in the HWIC-2T/4T to comunicate with the X.25 Protocol? What I have now is at one end CISCO 1800 and at the other end CISCO 2800 and they are comunicating with each other throught one of the Smart Serials they have. I want to connect to each one of then an old pc that comunicate only with X.25 and I want this two computers to comunicate with each other throught those two routers.
View 2 Replies
View Related
Aug 8, 2012
We're currently evaluating Cisco Prime LMS 4.2.Something we've been trying to achieve for the past couple of days is to have LMS notify us when a Microsoft Host is Unreachable, and then to notify us once that alarm has cleared (the Microsoft Host is Reachable again).
We're at the point where the Microsoft Host was discovered, LMS incorrectly identified it as a Cisco Call Manager, so we changed it's identity to non-cisco device > microsoft host > microsoft host. LMS currently has the device listed as being in the 'Questioned' state. SNMP timeout has been set to 15 seconds, and the SNMP community is correct.
Being new to LMS Prime, and having not received any training on the product to this point, we turned to the admin guide, but we couldn't find anything that goes into detail for how to manage the notification for non-Cisco devices.
Is what we're trying to achieve possible with Cisco Prime LMS 4.2? We just want to be able to receive simple 'host unreachable' notifications for Microsoft servers, and the corresponding 'cleared' notifications once the server is back online.
View 2 Replies
View Related
Feb 13, 2013
I'm trying to understand CEF; I know it's used most commonly in layer 3 switches but that routers can also do it. The routers that support CEF must have special hardware I'm assuming? (Since CEF is layer 3 processes in ASICs) How can we check if a router is capable of CEF? Does anyone know a good link/graphic that shows how much faster CEF is than software-based layer 3 processes?
View 10 Replies
View Related
