Cisco Security :: ACS 4.2 And SecurID RSA Integration

Feb 5, 2013

We have cisco ACS 4.2 installed on windows 2003 with secondary ACS on another machine. Database replication is okay.We installed primary SecurID RSA authentication manager on Primary ACS and is working okay as well.
 
Now we installed secondary SecurID RSA authentication  manager on secondary ACS.
 
I have copied the required dll file (aceclnt.dll) to system32 folder from secondary SecurID RSA. SecurID RSA team gave me sdconf.rec file to be uploaded on ACS, but after creating new external DB (RSA Token), I do not see the option to upload the sdconf.rec file.
 
So without uploading sdconf.rec file, we shut down primary ACS service and tried to connect vpn, the request goes to secondary ACS, but it always tries to communicate with primary SecurID RSA authentication manager and getting attached screen on primary RSA authentication manager.

What is the exact procedure to be carried out toconfigure cisco ACS and SecurID RSA in high availibity option ?

View 2 Replies


ADVERTISEMENT

Cisco Security :: A120 ACS - 2nd NIC Card For RSA Securid Appliance

May 20, 2012

I have RSA Securid appliance 3.0 "A120"  V 7.1 Sp4  and Cisco Secure Access Control System (ACS) Appliance V4.1.1 (build 23)..I make  communication between the Cisco Secure ACS and the RSA Securid appliance using RADIUS Protocol .I only configure 1st IP for RSA appliance and Add this ip In cisco ACS  and i go through implementation guide that is attached in this discussion  all things is fine in authentication.
 
now i enabled second IP for RSA but i did not know how to configure the Cisco ACS to know Second IP for RSA?

View 1 Replies View Related

Cisco Security :: VPN Client V5 And Active Directory 2008 Integration?

May 16, 2012

i need to know if i can integrate Single Sign On to my Cisco VPN Client v.5 with my Active Directory which run on windows 2008

View 2 Replies View Related

Cisco :: LMS 3.2.1 And ACS 5.3 Integration?

Mar 1, 2012

Is integration of LMS 3.2.1 with ACS 5.3 now possible ? (I understood from this forum that early ACS 5.x could not integrate wih LMS 3.2, but that this feature would be restored at one point in time (5.1?)).

View 1 Replies View Related

Cisco AAA/Identity/Nac :: ACS 5.1 With AD Integration

Mar 14, 2011

first i configure the ACS to Synchronize time from AD as NTP server second when i configure the integration between the ACS and AD and test the connection there is no output from this test but i see that the domain is connected and the end of the page the problem is when i try to navigate the groups by go to directory group and use select there is no output.

View 3 Replies View Related

Cisco AAA/Identity/Nac :: WLC Integration With NAC 4.9(1) L3 OOB

Apr 15, 2013

Is it possible to integrate a WLC with a NAC 4.9(1) L3 OOB? I can't find any documentation that says that it is possible or not.

View 9 Replies View Related

Cisco AAA/Identity/Nac :: ACS 5.3 Integration With RSA?

Dec 24, 2012

I have Integrated the ACS 5.3 with AD.Now my next goal is to Integrate ACS with RSA in such a way that all my Cisco devices should use the username and password from the AD.The enable privilege level should come from the RSA Token OTP.Is it possible to do such a thing with ACS 5.3?

View 3 Replies View Related

Cisco AAA/Identity/Nac :: Integration Of WLC (7.0.235) With ISE?

Nov 20, 2011

We have a customer who wants to configure his guest wireless network in such way that the guest should fill in a self registration form and generate the username and password themselves. For this purpose we are using cisco ISE but we don't know how to integrate it with cisco WLC.

View 1 Replies View Related

Cisco :: CW LMS 3.2 DB Views Integration With HP DDM

Feb 12, 2012

Our DDM admin would like to pull device information from LMS. I've enabled DB Views (ODBC) access and tested from my desktop that I can query the data successfully. The DDM admin is telling me DDM requires access to several master tables - sysservers, sysdatabases, syslogins, etc..before he can query the RME/ANI device data. Does these master system tables are available, exposed or even exist in LMS? I can't find them.

View 1 Replies View Related

Cisco AAA/Identity/Nac :: Integration Of ACS 4.2 With AD

Jun 24, 2012

We have an ACS running 4.2. I am sure that this ACS is talking to our AD database because our wireless users (using ACS as RADIUS servers) are able to log in using their Windows AD account.
 
However, I am not sure how ACS is integrated with AD. Our ACS is installed on a windows 2003 R2 server. I am not sure where the AD database is?  ie,if AD is on the same server as ACS OR on a different server [ADs managed by different group altogether :-(  ].

How is the integration done between ACS and AD when both are on the same windows server? And How is the integration done between ACS and AD when they are on different windows servers?

ACS is software installed on windows 2003 R2 server.

View 2 Replies View Related

Cisco AAA/Identity/Nac :: ACS 4.2 Integration With AD 2008 R1?

Jul 13, 2011

I have configured my WLC 4402 for Radius authentication using Cisco ACS server version 4.2 Patch 4. When using Local Database of ACS my Wireless Users are able to authenticate but users are not able to authenticate from External Database of Windows AD 2008 R1.
 
In ACS logs I am getting the this error- Authentication session timed out. Challenge not provided by client.

View 3 Replies View Related

Cisco AAA/Identity/Nac :: Prime NCS Integration With ACS 5.1?

Jan 29, 2013

We've an issue with authorization on NCS system. NCS successfully integrated witch ACS, but there is a problem with one user. All users have equivalent rights under root. There is shell profile with all possible tasks (exported from NCS server) configured on ACS. All users exept this one (unlucky one:)) authorizes successfully.  In  ACS logs, authentification and authorization status for this user is passed and all attributes (policy, profile, AV-pairs e.t.c.) is the same as for another users. This 'unlucky' user gets a following message: There is surely no browser or network issue. Tried from different PCs with same result. There is no any local info related to this username on the NCS server. When i change one charecter in the username on his ACS account, everything works well.

Our ACS v
Version 5.1.0.44.X
And NCS
Version : 1.1.2.X

View 1 Replies View Related

Cisco :: For RADIUS Integration Between WLC 5508 And MS NPS

Nov 3, 2012

We are trying to integrate Cisco WLC 5508 and Microsoft NPS 2008 to allow users to use their AD username and password to authenticate to the wireless network.I basically followed the following document but with no luck (Appendix B): URL I'v went through some threads in this forum but also with no luck,Basically, we are recieving the follwoing error in NPS event viewer:A RADIUS message was received from RADIUS client a.a.a.a with an invalid authenticator. This is typically caused by mismatched shared secrets. Verify the configuration of the shared secret for the RADIUS client in the Network Policy Server snap-in and the configuration of the network access server.

View 2 Replies View Related

Cisco Application :: ACE 4700 With IPS Integration?

Jan 12, 2012

We are planning to deploy a  Application Controle Engine - ACE family - and need to close the gap related to OWASP threat list masures.for what i could find in the information about ACE solution it seems that ACE does'nt have OWASP relations and need to deploy a IPS (Intrusion Prevention System) which seems to hold and apply to OWASP threat list vulnerabilities.question is it possible to deploy a ACE 4710 with a IPS 4200 as one or a inline deployment scenario ?

View 1 Replies View Related

Cisco Wireless :: ISE And Prime 1.3 Integration

May 26, 2013

What are the configuration required on ISE to integrate with Prime 1.3.0.20?,On PI side, I have added ISE in the below path.Design-> External Management Servers -> ISE Servers.

Apart from this anything else to be done on ??

View 4 Replies View Related

AAA/Identity/Nac :: Cisco ACS 1121 Integration With AD?

May 15, 2011

integrated the Cisco ACS 1121 with 5.1 and AD and been able to use multiple policies to permit or deny access to different NDG?  I am able to authenticate agains AD but I am having an issue with getting the policies to use the user memberOf attribute to set access levels. 

View 1 Replies View Related

Cisco Wireless :: WLC 2500 With AD Integration

Jan 3, 2012

I have a scenario where we have
 
Cisco 1300 Outdoor APs
Cisco 3600 Indoor APs
WLC 2500
 
Now i need to integrate the WLC with Windows 2008 AD for authentication.The idea is to let the users authenticate via AD for accesing the wireless network.
 
Will the integration work with NPS?

View 2 Replies View Related

Cisco AAA/Identity/Nac :: ACS 5.2 Integration With LDAP?

Jun 22, 2011

provide me  Step by Step procedure for integrating LDAP with ACS 5.2 .

View 1 Replies View Related

Cisco AAA/Identity/Nac :: ISE 1.1.1 With Domino LDAP Integration?

Oct 23, 2012

know about Domino LDAP ? I would like to integrate this LDAP with Cisco ISE.I try to bind this LDAP but it does not show me anything in "Naming Context". So I cannot choose group to map into ISE.I test this on WLC. It is success to do but cannot make the same thing with Cisco ISE.Is this LDAP supports with Cisco ISE 1.1.1 ?

View 3 Replies View Related

Cisco AAA/Identity/Nac :: Active Directory Integration Acs 5.1?

Aug 24, 2011

I'm attempting to integrate an acs 5v into the domain through the gui. The connection will establish, and the status will read 'connected', just as it lists the domain I've submitted. However, I can't seem to find anything listed under the directory groups, and when I run a connection test, I simply get 'Global Catalogue port status error.' Eventually, I'd like to configure this as a radius server.

View 1 Replies View Related

Cisco :: WLC 2500 Active Directory Integration?

Apr 10, 2012

I recently bought a Cisco WLC 2500. I want to configure a WLAN with Active directory authentication.How I can do this?

View 4 Replies View Related

Cisco :: LMS 3.2 Integration With Microsoft Active Directory

Jun 14, 2012

i need a documentation or a procedure to how make integration LMS 3.2 with microsoft active directory to make usernames of devices  appear in end hosts reports.

View 2 Replies View Related

Cisco AAA/Identity/Nac :: ACS 5.2 Integration With RSA Allow Only One Login Every Minute?

Nov 1, 2011

I have an ACS 5,2.0.26-8 running on VM intergrated with RSA. Users are able to login using their RSA passcode for network management utilizing TACACS. The problem seam to be related with RSA token caching. Once a user login sucessful on device A using current token he can not login with the same token on another device. User must wait for a new token and then he can login again.  Before moving to ACS 5.2 we were using ACS 4.2 (intergrated with the same RSA) and back then ACS 4.2 cache passcode so user where able to login on devices using the same passcode. When the token change user have to use the new one. providing the same functionality like the "Token Card Settings" Durantion option under group properties, to cache token for a specific period. The global option for caching under RSA definition on 5.2 does not solve the problem.

View 4 Replies View Related

Cisco AAA/Identity/Nac :: ACS 5.1 Integration With NGenius Server

Mar 8, 2011

I'm currently working on ACS 5.1 to use it as AAA server for Netscout NGenius.I followed a guide for ACS 4.2 and tried to replicate the configuration settings in ACS 5.1.
 
- created a host profile on network devices and AAA clients having the same shared key with NGenius
 
- added three (3) NGenius required attributes in system administration > configuration > identity > internal users
 
- added attribute values to Internal User database
 
- created an access policy:
         
* identity pointing to Internal Users
 
- edit serverprivate.properties in NGenius server to match the requirements
 
I would like to have NGenius authenticate via ACS 5.1, but as of the moment there is an error message that I receive:

Unicentified error, Code=16510, Details: AV pairs do not match NGenius format ::<insert tacacs username here>, Severity 1, Code: 16510.

View 2 Replies View Related

Cisco AAA/Identity/Nac :: ACS 5.2 Active Directory Integration

Apr 24, 2012

A customer uses Active Directory where some group names contain special characters (ç ~ '^). The Cisco ACS 5.2 is presenting the warnings: "Not all Active Directory user groups are retrieved successfully. One or more of thegroup's canonical name was not retrieved "(Category CSC Oacs_ Identity_ Stores_Diagnostics; code 24457).

What are the results of these warnings to the customer's network? Slow? Loss of access?

View 1 Replies View Related

Cisco AAA / Identity / Nac :: Nexus 7009 - Integration Of ACS With RSA

May 29, 2012

We have Nexus7009 at client network but due to limitation of Nexus switches that they can not be directly integrate Nexus with RSA so client has purchased cisco ACS for the AAA. We are able to do the authentication and authorization via ACS.However clients wants to further integrate the ACS with RSA so that authentication should happen via RSA and authorization should happen ACS. Is that possible ? if yes, how can i configure the ACS ?

View 5 Replies View Related

Cisco AAA/Identity/Nac :: Integration Of ACS 4.2 And MS Active Directory

Oct 21, 2010

configure the Cisco ACS to authenticate the users from MS Active Directory. Cisco Acs = 4.2.1(15)Currently, i have multiple users configured as local databse. but now i want to authenticate with the domain users.

View 11 Replies View Related

Cisco AAA/Identity/Nac :: ACS 5.2 Multi Forest AD Integration?

Aug 24, 2011

Domain A (Forest 1) <--Two Way Trust--> Domain B (Forest 2)
 
ACS is joined to domain A.
 
My question is AD integration (Not LDAP) supported between 2 domains in different forests?

View 1 Replies View Related

Cisco AAA/Identity/Nac :: Integration ACS 5.2 With Other Device (sandvine)

Sep 18, 2012

I have a ACS version 5.2 (TACACS) where I require equipment integrated with Sandvine, I currently looking information and very little to manage the integration of ACS with these teams Sandvine.
 
I have an information on the provider Sandvine with a guide to the case where only states:

TACACS + server
On a TACACS + server, each user entry must allow the service "Sandvine". Within this
service, the attribute-value pairs Following can exist:
• An attribute named "Sandvine-Group" of type string.

[Code]......

View 4 Replies View Related

AAA/Identity/Nac :: ACS 5.2 Integration With Safe Connect?

Jan 26, 2012

I am having an issue upgrading from 4.1 to 5.2 in regards to interoperability with our SafeConnect appliance.  When I bring 5.2 online, Safe Connect reacts and causes network outages. 

View 0 Replies View Related

Cisco AAA/Identity/Nac :: ACS 5.2 Integration With AD Windows 2000 Advanced SP4?

Dec 13, 2012

I'm having a issue when configuring Cisco ACS 5.2 appliance 1121 to integrate windows 2000 Active Directory as an External Users Database.I'm using an account with administrator privileges on AD (can create computer objects).The ACS register itself successfully to the domain but it doesn't retrieve the AD Groups, even when i change the seach base and filter.At this link says that ACS supports AD over Windows 2003, 2008 and 2008R2 but it doesnt say that not supports Windows 2000.[URL]

View 2 Replies View Related

Cisco Firewall :: 755629 / VNMC To VCenter Integration

Mar 21, 2013

After integrating vCenter with VNMC I see the ESX hosts that exist on vCenter on VNMC ResourceManagement>Resources>VirtualMachines, but I cannot see any of the VM's that exist on on each of the ESX hosts.Yet, the integration is so straightforward that I have no idea why I'm not getting VM information.Then obviously I cannot match any of the VM attributes on VSG for vZone creation for instance.What can I do to troubleshoot this? VNMC version is 2.0(3)f, vCenter is on 5.0.0 build 755629

View 1 Replies View Related

Cisco AAA/Identity/Nac :: 5508 And Active Directory Integration Using EAP?

May 24, 2011

I have just recently purchased a 5505 Controller and 30 3502i AP's. On my main corporate WLAN, I would like to allow users to be able to authenticate via Active Directory username and password.I am also looking for as little client side set up as possible. From what I have researched, I will need to use some type of EAP method.
 
I have come across two methods that appear to be the top contenders.
 
EAP-FAST - The method seems to be a possibility but I see that it uses certificates. If I use this method, does it mean that I would have to import the certificates to each machine manually? Also, can I configure thsi to work with just the 5508 Controller and an AD Database server or do I need an intermediary like IAS or ACS?
 
PEAP/GTC - This method is also a possibility and I think that it does not require certificates. Does this also require an intermediary like ACS or IAS.

View 3 Replies View Related







Copyrights 2005-15 www.BigResource.com, All rights reserved