I have not used the ACS5.1 yet so watch out for the easy questions
1) Is it possible to generate a report for the users who have been inactive for, say, the last 30 days? Customer is looking to audit these users to see if they really need access to any device.
2) Are there any known issues while assigning the privilege level to users? In the current implementation of this customer, users are always logged into priv 1 though they are assigning the priv level of 5. I understand with ACS 4.x we can enable the exec process and assign the priv under user/group policy. What are the configurations that the customer might possibly be missing in this case?
3) Is there any SNMP or other notification available in ACS 5.1 where the admin can be notified at the time a particular set of users logs in?
I am in the process of testing VA5(1.2) version of ACE on ACE4710 appliance. I did the redundancy configuration and it is working fine. I have done the SNMP configuration and the SNMP trap receiver is able to receive traps like link up/down, so it proves that the SNMP configuration is working fine, but I am not able to generate the SNMP trap notification for "clrRedundancyStateChange". I tried two things:
1) Via CLI, ran the command "ft switchover all" and I could see redundancy state changes.
2) Powered down the Active 4710 appliance and the standby ACE 4710 appliance took over as Active.
However, none of the above could generate the trap clrRedundancyStateChange. How can this trap be generated? The snmp-server enable traps command doesn't have any option for enabling FT-related traps.
We have two ACE4710 in a failover configuration with Software version A4(2.0). SNMP is set up and the receiver is able to receive SNMP traps. The issue is we are receiving a linkDown trap notification at least once every other day, followed shortly by a linkUp notification a minute later. We have checked all layer 2 devices connected to the ACE and cannot see any evidence that any link actually disconnected. We experienced no traffic loss, but this could be because a couple of the ACE links are bundled. The trap notification does not actually indicate which interface changed status. All links are Gigabit, and there are no packet drops either on the ACE or the layer 2 switch.
Now I'm trying to write software that gets information from Syslog messages, but I'm facing a problem getting statistics on clients de-authenticated in a WLC (Software Version: 7.0.98.0), because I cannot find any log of this information on the WLC except this SNMP trap:
Tue Aug 23 09:52:28 2011Client Deauthenticated: MACAddress:00:xx:77:2c:06:db Base Radio MAC:00:xx:5d:0c:fc:30 Slot: 0 User Name: unknown Ip Address: 10.2xx.47.15 Reason:Unspecified ReasonCode: 1
So, is there any way that I can configure WLC to convert this SNMP trap to send to Syslog server as a normal Syslog message?
Add the ability to send syslog events to multiple syslog servers in the SA500 Series routers. I know the functionality is currently in the RV220W because we utilized it. It would be great if you could configure the syslog servers by event type as well. For example, being able to send the kernel events to syslog server A, and all other events to syslog server B.
Recently I upgraded the IOS of ASA5550 (in HA mode) to 8.4.2 from 8.0.5. After the OS upgrade we found that the syslog from these firewalls is not getting captured/transferred to the centralised syslog server. The server is reachable from the firewalls.
I want to configure e-mail fault notification in LMS 4.0. Where do I configure e-mail settings like username, password, and mail server IP address in LMS? We are using an e-mail service hosted in Gmail. Can we use email notification through this mail service?
Have a setup for Cisco LMS3.2.1 which is a recent upgrade, also RME 4.3.2 and CM 5.2.2. Is it possible for the DFM to generate alerts such as email notification to a user-defined group (subnet grouped)? These alerts should be critical in nature.
I need to be able to send an e-mail notification when one of our network devices can't be accessed. I have looked at the DFM configuration but I'm a little confused about how to set this up so that we don't get inundated with too many e-mails.
I am trying to setup Fault Monitoring on LMS 4.0. When I try to create a Fault Notification Group no devices are listed. They appear to be listed in all other places so I am at a loss as to explain why they are not appearing.
Has anyone got a working setup for SSL VPN users with regard to notification that a password is going to expire and then providing the VPN user the opportunity to change the password during the VPN login process, involving ASA5520 - ACS Radius server - Active Directory? Our VPN users are connecting with Cisco AnyConnect VPN Client V.2.5.3046 to an ASA5520 running 8.4(1); all user validation is handled via Radius through a Cisco ACS 5.2 server, which in turn validates the users against MS Active Directory.
For the relevant connection profile on the ASA, the option Advanced / General / Password Management / Enable password management has been selected together with Notify user 14 days prior to password expiration. As mentioned, it's connecting to a Cisco ACS Radius server with MSCHAPv2 enabled on both the ASA and ACS.
On the ACS server under Users and Identity Stores > External Identity Stores > Active Directory we have a successful bind to the AD, and the value End User Authentication Settings > Enable password change has been selected.
Just to make sure the password notification function is working in the first place, I changed the ASA5520 AAA Server group to use LDAP instead of Radius and configured a direct path towards one of our domain controllers. Sure enough, when the user logged in he got a notification that the password would expire in xx days and was then provided with an option to change the password right away or just connect with the current password.
The thing is, I don’t want to just use LDAP for VPN authentication. I have quite an expensive setup on the ACS servers with unique ACLs for various groups of employees and especially for external consultants. I also use the ACS for customization of webpages and resources when Web VPN is used.
Can it really be so that password expiration notification only works using LDAP, and if this is really the case, is there any way to configure Dual Authentication, so I could first validate the user against LDAP and next against the ACS??
(Side note: I tried to configure the ASA to use LDAP as normal Authentication and then the ACS as Authorization, but it failed, first off because the ASA started to use PAP/ASCII against the ACS and even if I allowed that, it seemed like the ASA wasn’t passing the user's password onwards, with the result that ACS failed and the user account ended up getting locked out in the AD).
Is it possible to have email notification when a rule is hit on the ACS(5.1)?
I've had a look around and cannot see any options, and the server team seem to think it's not possible to have this triggered from AD either. On a side note, where are the SMTP settings on the ACS?
I'm in the process of reconfiguring our DFM module as we have some significant network changes. I've reinitialized the module's databases and manually imported a test group of routers into DFM's device management. The devices have been found and have a known status in the device summary. When I begin the process to create a notification group for email-based notifications, the notification group selection window shows no devices available. If I manually search for the devices, I am able to find them, but after selecting them, I'm given the following error: "The devices contaminated in the subscription are no longer found in the inventory". I've confirmed the devices' existence in CS and RME.
We have the RVS4000 and have IPS turned on. How can I be notified (email would work) when updates to the IPS signatures are available, so I can keep our IPS signatures current?
I'm on a network in an office where each person's computer has different specs, some PC, some Mac. We all share files off a common drive, either using it directly, or copying it to our local machine to work on it then returning it to the shared drive. I'm looking for a way to attach a notification to a file to let everyone know it has been "signed out" by someone, to avoid two people taking the same file at the same time. I looked at a simple program called Shediko Badges, which puts a badge over the icon by right-clicking on the file and choosing a badge from a menu, and can be undone just as easily; however, it can't be seen by everyone else on the network. This is the sort of thing I'm looking for: simple, cheap or free, that somehow marks a specific file without changing the name. It could be a colour change, an icon change... whatever, ideally with several options, for example where a different colour could be assigned to each person in the office, similar to the coloured labels on a Mac.
I lost my internet connection icon in Windows 7. When connected, the network notification and icon appears at the taskbar and displays how many bars of signal the network has, and it was working even earlier this afternoon here. I just used my wired connection for a short time, and when I stopped using it I discovered the wireless connection bar signal is lost; all I see is a 'Round Star' at the bar side of my internet icon. I am connected to the internet but I can't see my connection signal, and I tried to restore my computer, but after I do that I get a dialog saying 'The system restore did not complete successfully because an anti-virus is running on this computer and has prevented it from changing the settings, turn off anti-virus and try again', but I have no anti-virus program on my PC.
Per PCI & company policy all VPN users have a 12 hour session limit. They will be disconnected after 12 hours regardless of use. Is there any way to send a message prior to the 12 hour limit to warn the users that they will be disconnected in x minutes? I'm running SSL VPN on an ASA 5520 ver 8.4(1).
I'm trying to configure an SNMP notification receiver on WCS 7.0, so that critical alarms get reported to our central console. Following the configuration guide I was able to add the receiver as northbound, but after adding it I get an alarm saying that it is unreachable by WCS so all alarm notification will be suspended. I have tested SNMP and ping connectivity between the WCS box and the notification receiver and it works OK. Is there some other traffic that I might be missing? I've seen some packets going from the WCS box to TCP port 7 on the receiver, which as far as I know is the echo service. Is that what WCS uses to test connectivity?
Can the DCS-942L be configured to send the "Video Clip Notification" email video attachments as MP4 as opposed to AVI? The iPhone can not play AVI files, so I'm forced to use the snapshot feature which misses a lot of the motion. I have a Linksys WVC80N that allows me to send video email attachments in MP4 format that works great, but I would like to have this ability on my two D-link DCS-942L cameras as well. If there is no way to send MP4 video email attachments... is this something that could be added as part of a firmware upgrade?
CiscoWorks LMS 4 is a very complicated tool for me and it is very hard to configure any Cisco device that I need to monitor. Currently I have a 3750-X configured, properly discovered and added to DCR. I would like to receive SMTP messages (mail) from LMS if some event occurs, for example when link UPDOWN occurs or when LOGIN_FAILED occurs and so on. I tried to configure it in Monitor > Monitoring Tools > Fault Monitor, but without success. LMS tells me that there are no devices available. How can I configure some notification so it is able to send me a message via SMTP?
We are having some problems with the CPU levels of a 2960 switch. We have configured SNMP notification with the following command: process cpu threshold type total rising 70 interval 5. As we understand, that command configures the switch to send an SNMP trap when the total CPU load is over 70%. We don't know what INTERVAL means, because if we read the Cisco documentation, it says: 5-second polling interval. But we don't understand whether that means that the CPU utilization is going to be checked every 5 seconds or that the 70% CPU load needs to remain at that level for 5 seconds to trigger the trap.
Our customer has an ASA5520 Security appliance. I have already configured the remote VPN on the ASA; users can log on via the internet with the VPN client and can access the internal network. The customer hopes we can make some configuration so that, when a remote user logs on to the ASA by VPN, they are notified by email that someone has logged in to their VPN.
I am trying to find a way of sending a notification message to computers that have been "woken up" by Wake On LAN, so that the user knows their computer is now up.
Is there a way to configure an email notification for a specific authentication failure? Specifically, I'd like to see if I can have an email notification sent to me when the failure reason is "13017 Received TACACS+ packet from unknown Network Device or AAA Client".
Motion detection is set up - and I can see in the log and on the Live Video "Motion Trigger Indicator" that this part is working. I can also send test emails, so the SMTP is set up correctly. In the Event Setup I have a valid server and a motion-triggered event with the status ON. But no emails are sent. In the log there is also no indication of the server trying. Am I missing something - or is this not working for anybody?
And - there is no firmware beyond 1.0 for this model as far as I can see.
P.S. I am using a Gmail account for SMTP, port 587, and using STARTTLS to send with.
I created some User Defined Groups in LMS 4.1, now I want to apply certain fault notification groups to Event Sets.
Unfortunately the Groups I configured are not in the Group Selector of the Fault Notification Group: Admin > Network > Notification and Action Settings > Fault Notification Group