Cisco :: LMS 4.0 User Account Lock
Mar 25, 2012
How many unsuccessful attempts does a user have to access the LMS application prior to the account being locked? Is this configurable?
I have set up ACS 5.2 in my lab and have it completely functional with Downloadable ACLs, Dynamic VLANs, and the identity store on the backend is Active Directory. I need it to lock a user account in AD if there are too many auth attempts. I have gone into AD and set a max login attempts to 3, but if I continue to fail authentication (on purpose) using RADIUS auth, it never locks out my AD account? I am using AnyConnect 3.0 with NAM as the supplicant installed on my workstation. I have also configured the switchport that I am connected to with the following commands. I tried the dot1x max-reauth-req 3 command and that didn't really do anything for me either. What am I missing here?
switchport mode access
ip access-group 10 in
authentication event fail action authorize vlan 40
authentication event no-response action authorize vlan 40
authentication host-mode multi-host
authentication priority dot1x mab
authentication port-control auto
authentication timer reauthenticate 10
authentication timer inactivity 20
authentication violation protect
mab
dot1x pae authenticator
dot1x timeout quiet-period 5
dot1x timeout tx-period 5
dot1x max-req 3
spanning-tree portfast
I have Cisco ACS 5.2 and want to create a user account for a technician, with only certain commands.
How to restrict internet for a particular user account on a PC
I have an ACS 5.2 server integrated with Active Directory. Now I need to create an internal user account to log in to some RADIUS devices using the internal user database. I have about 600 users, all authenticating through AD.
How to limit bandwidth only for a user account in Windows 7... My PC has 2 accounts: one is admin and the other is user. I need to limit the bandwidth only for the user account. Do I need software for this?
I have a laptop with 2 user accounts (one for me - administrator and the other for my eleven year old son). Connection is wireless. Until a few months ago everything was working fine and then the problems started: my son could no longer connect to the internet with Explorer and Google Chrome, but I managed to connect it via Firefox. And it worked until yesterday. As of yesterday he can no longer connect to the internet even with Firefox. I tried again as an administrator to reinstall Google Chrome, but the icon is shown only on my user account. I took a completely new browser - Opera, but it fails to connect. When I go to Diagnose & Repair connection problems, it shows no problems. On my account everything is working properly. OS is Windows Vista Home Premium.
While I was at school there was a system in place whereby you had to enter a user name and password to access the internet. Every student had a data limit, like 3GB per month for example. I remember it had something to do with a proxy. I would like to recreate this system on my office LAN, as some staff members have been downloading a lot, slowing down the (very expensive) Internet connection. Limiting each user's data will discourage large downloads.
I am just wondering if it is possible to have two user accounts in Cisco RV042 V3 (Firmware: v4.1.1.01-sp (Dec 6 2011 20:03:18)). User accounts to mean that one user can access the router with an administrative level access and can do all the changes and management of the router's configurations and settings, while another user can only do viewing of the system summary tab and connect and manage the simple configuration for connection to the ISP on both WANs, like setting up the connection type and release/renew the IP address for a dynamic IP assigned by the ISP DHCP server.
We had a power outage that kicked off our server and our network switch (2008R2, Cisco2960), before we could get it back up, a user was able to log into his laptop.
The user used the domain login - not the local machine account - he obviously wasn't able to access any shared resources, but how did he log in with a domain account, when the server and switch were both off?
I would like to create an additional VPN user on a 55010 where the user authenticates with the firewall and not the RADIUS server. This user should NOT be able to log on to the firewall, but only be able to authenticate with the VPN client. Am I correct that the command is "username abc123 password abc234 privilege 0"? Also, for this remote VPN, how do I make sure the user only authenticates with this password?
How to set WLC 5508 to allow a single created web authentication user account to be connected at the same time? I found that I can use the same username and password combo to log in on 2 machines at the same time.
We have installed ACS 4.1 as the authentication server for a wireless SSID. We need to create a list of ACS users expired on a specific date. Is it possible to create a report in ACS 4.1 as per user account expiry date?
How to lock the MAC address in a system?
I work as an administrator for a small business (~30 PCs and a Windows 2003 R2 server). Recently, we started to have a problem with our LAN: the network starts to kind of lock up randomly. For example, browsing folders is fine, then you switch to one and the Explorer window just does nothing (with a loading cursor), and after 4 seconds everything refreshes and works again. Then in Word or any other program (sometimes not even related to network files/folders) you press the save button and it does the same: does nothing for 4-5 seconds, then refreshes and works again. I'm positive that no process on the server takes up enough CPU time to do that. It's not a per-PC problem, since everybody is affected when the problem starts, and when I reboot the server it works like a charm for another day, then the problem may restart the next day. Nothing shows up in the event viewer of both PCs and the server, and we can't find a correlation between the problem and high CPU/LAN usage on the server (at worst CPU is used at 10% and LAN at 2%). Our RAID controller and our SAS HDs are working flawlessly. We're in the process of changing our infrastructure anyway, but since I can refer to people that may know their stuff way more than myself I thought I'd ask here. We first thought that our switches may be the cause, but then why would rebooting the server correct the problem?
How to lock MAC address in a System?
How do I lock my internet access so others cannot connect to the internet?
How to find security lock?
I've been trying to set up network filtering, and am having no luck. I'm trying to block certain folders on a NAS (DNS-320). My 8 yo insists that watching The Walking Dead is appropriate. So, I need to block specific subfolders so he can't access them. I would like to keep the NAS available, because there are some ebooks there that he copies to his tablet (Blackberry Playbook) to read. I DON'T want to password protect the DNS-320, because I stream the videos, mainly using XBMC / OpenElec with SAMBA shares. (If not, I can block the tablet from the whole NAS.) I prefer to block by MAC so there are no IP switches that happen. I also would like to block certain websites (YouTube) at specific times. Is that possible? Or I can turn off internet for the specified MACs. I wanted to use FREEDNS for the internet filtering, but my provider's DSL modem won't keep the changes to the DNS server, so that's out.
I'd like to use load balancing with the RV042, but I have some devices that don't react well to not always using the same outgoing port (like a credit card machine, for instance). Is it possible for me to create some "rule" with the RV042 that an internal IP address will use a certain WAN port? And if so, when that WAN port goes down will the RV042 fail-over to the other active WAN port? I was able to do this with a Xincom XC-OPG502 (which is being replaced with the RV042).
I have a Cisco ASA (8.2) with several group-policies setup. By default, I can hit the SSL page, and have a selection of available group-policies for a user to login to. I want to have different ACLs for each group, to go along with the subnet that each particular group hands out. Right now, as long as a user is authenticated through AAA, they can log in to any group they select, and therefore, have more permissions than another group.
I know how to hide the list, but I need to be able to assign a specific group to a user based on an attribute in ACS.
I've set up ACS to use the "CVPN3000/ASA/PIX7.x-Tunnel-Group-Lock" attribute, to which I match the group-policy name in the ASA, to the attribute on the user account in ACS. This doesn't seem to work, and it just throws the user into DfltGrpPlcy, which doesn't give the user anything. So it's either wide-open, or it's broken.
I'm using RADIUS authentication and not TACACS, so it should retrieve the attributes, and according to the ACS, it grabs the attribute during the authentication process.
In the last couple of weeks my router has begun to lock up / freeze. Not sure of the appropriate terminology to use for this. The end result is wireless and wired connections stop functioning. I can't connect to the router's web interface via wired. I can't connect to any of the wireless SIDs. The router just doesn't respond. When I look at the router the lights are still blinking, but nobody seems to be home. I have to unplug the router and do a 30 count and plug it back in to get it to return to working order. At the time that this first occurred I had not made any changes to the device in months, if not longer. Was running great. Not sure what happened.
One of our accounting administrators will be working in our server this weekend from his home remotely. He wanted to know if there was a way I could temporarily lock users from remoting in for a few days to prevent them from messing up his work. The only way I could think of was disabling the accounts in Active Directory and then re-enabling them once he was done. Server is running Windows Server 2003 with the users remoting in via RDP. They all have accounts in Active Directory.
Region : Germany
Model : TL-MR3020
Hardware Version : V1
Firmware Version : 3.14.2 Build 120817 Rel.55520n
ISP : T-Mobile
Is it at all possible to lock a 2G/3G-Stick to 2G or 3G with the TL-MR3020 (e.g. if the desired network (2G or 3G) strength is low)? If not, this would be a useful feature for upcoming firmware versions.
I'm trying to set up ACS 5.2 with an ASA v8.3.2 to lock users into VPN groups based on a user's AD group. I've tried various combinations but the group lock isn't working. I've done steps 1 & 2 ...
1) Network Devices and AAA Clients -> Define VPN
2) Users and Identity Stores -> Setup AD and Directory Groups, test connection
Policy Elements:
Q1) Policy Elements - Do I need an authorization profile for each group:
Q2) What RADIUS attributes should I use to match my ASA tunnel-groups?
RADIUS-IETF attribute 25?
RADIUS-Cisco VPN 3000/ASA/PIX 7.x 85 (Tunnel-Group-Lock)?
Other?
Access Policies:
Q1) Do I need to enable and use group mapping?
Q2) Do I need a Network Access Authorization Policy for each group?
I just hooked up my wireless internet yesterday and I wanted to lock it so no one can use it, like the neighbors, and when I click on it just now, it asks for the network security key and I can't find or even remember it and don't know what this is?
I own a cyber cafe. I was told that switches are smart enough to distribute the same speed to all the clients. So I was not worried at first. But now if 2-3 customers start watching YouTube videos the rest start complaining about the speed. I googled for the solution but got none. How to limit the speed? I want to lock the bandwidth of each computer.
I'm on an ASA 5510 running 8.2(5)41. I have clientless WebVPN configured to authenticate against an RSA RADIUS server, which has users assigned to RADIUS Class attribute 25 to match the group-lock values assigned to each ASA group-policy. This of course is to ensure users can only access the login page's drop-down VPN profiles they are assigned to by the RADIUS server. I have two other ASA 5510s (same code level) using the same RADIUS server with group-lock enabled but for IPSec remote access VPNs, and the group-lock feature works fine.
WebVPN, however, is authenticating any user to any VPN profile without regard to the RADIUS Class attribute 25 they are assigned. If I configure the VPN profiles to authenticate locally and assign group-lock to individual ASA user accounts, group-lock works. As soon as I point it back to the RADIUS server, group-lock does nothing. From the 'debug aaa' below for user 'corpvpnstp', you can see the RADIUS server sends back the attribute 25 values of "ou=stp.Client;" and "ou=stp.ClientDRC;" for this user. The ASA profile this user has attempted to connect to is "EMS-Admin", which should get denied by the ASA. Instead, the ASA successfully authenticates the user.
We are starting to replace low budget hubs with SG-300s. On the access ports we use BPDUguard and MAC security (max 1 user per port).
The newest firmware is used (1.1.2.0).
When I lock a port intentionally by connecting e.g. ports 4 and 5 together (something that happens quite frequently by user failure) I do not see this in the web GUI.
The CLI does tell me that the port is locked:
gi4 1G-Copper -- -- -- -- Down* -- --
*: The interface was suspended by the system.
In the web GUI I can reset the port, but in the CLI I don't get how I should do this. I tried a 'shutdown' followed by a 'no shutdown' on CLI interface level, but that does not lift the suspension state.
Questions:
- Possible to lift the suspension state using the CLI?
- Is there a way to see the lockdown in the web GUI?
I'm using two WRV210 Linksys Cisco Routers to create a tunnel between two places with a PPPoE ADSL internet connection. I made several tests with new 2.xxx and old 1.7xx firmware, and nothing changes. I tried resetting to factory defaults, and nothing changes. I have two problems:
1) The router crashes after a time working, usually around 24 hours, sometimes more, sometimes less. The lights are still flashing, but nothing happens: no VPN traffic and no ping response from the router, and of course, no internet access. I could see just that the router runs a bit hot, but I think that is normal.
2) The VPN IPSEC was configured, and both configurations are identical. All values are the same, I am using the dyndns service. So, the VPN quickly connects and I can ping and access remote computers. Windows Folders, VNC, IT REALLY WORKS FULLY. WORKS REALLY FINE. PERFECT.
BUT, when the router crashes, as I described in problem 01, after removing the power cord and inserting it again, the VPN doesn't reconnect. In the logs, I could see that it says that it has no preshared key. [code] But it worked before. Nothing changes, nothing, the router just restarts. No configuration was lost (I checked the VPN IPSEC TAB), but it says that it has no preshared key. The only way to re-establish the connection is to go to the VPN IPSEC TAB and change any configuration symmetrically, such as changing MAIN MODE to AGGRESSIVE on both routers. So, now they are set to MAIN. Tomorrow it will probably crash, so I will have to restart both routers and change to AGGRESSIVE. So, when it happens again, I will have to go back to MAIN.
I have a brand new 2911-TS running 2900-universalk9-mz.SPA.151-4.M1. I have connected the async lines to several devices including ASA5510's, 7206V XR and 6506es. I'm experiencing issues where I go to connect to the console port of one of my devices and my access is denied as if the port was already in a session. I clear the line and try again, same response. If I swap that line with a known functioning line I see lines and lines of output as if the device I was trying to connect to was constantly sending data to the console port. I've not had this problem on any of my older Cisco terminal servers. I opened a TAC case and they had me RMA the HWIC module. I cannot find any information about setting some sort of buffer limit or session timeout. I feel this is a configuration, or mis-configuration issue.
We have some devices on the network which cannot be secured and which we need to isolate from the rest of the subnet. Our switches are Cisco 2960. Is it possible, via an ACL, to lock a specific port down to only allow traffic from specific MAC addresses? I've had a go at this myself but not been able to make any progress. The traffic type is TCP/IP.
We are running ACS 5.2 patch 6 and want to restrict access for users to be able to add devices to the system. For example, an admin person in site A can only add devices into the site A group and cannot see/access other sites' groups.