Any detailed knowledge about Cisco ACS 5.1 and Windows AD interaction? I wonder why does Cisco ACS domain account must have permission to create/delete domain objects. This fact does really surprided me, because to my mind Cisco ACS only reads domain structure, and does not make any changes.
View 3 RepliesIs there a way to restrict the helpdesk account only able to add/remove MAC address from the host filter table? It would be better if doing this via web or API.
View 1 Replies View RelatedI am trying to setup a VPN with AnyConnect on my ASA5510 and it works fine. I have setup an AAA server group for my Active Directory with the "NT Domain" protocol". Right now, every user is able to connect with their Active Directory credentials. I would like to restrict access to the Anyconnect VPN to only a few users in AD.
View 1 Replies View RelatedI have a customer an exisiting 5505 which connects to multiple sites for a site-to-site VPN. This firewall was not installed by myself originally I have just been asked to take a look now.The situation is that we now need to edit one of the existing site-to-site VPNs to include the remote sites expanded network. I have tried doing this through the ASDM and have found that I cannot add new network objects. I have tried creating a new network object group and then added the new networks from there but I am completely unable to add the new objects.I believe a picture tells a thousand words in this case so I have attached some images which show the problem. I have also tried going through the VPN wizard, this also does not allow me to add new network objects.
View 2 Replies View RelatedHave a long-time friend who is almost totally computer illiterate to whom I provide tech support. He uses MSN Explorer (MSNE) thru Verizon.net, which has been free up 'til now, but beginning March 1, 2012, Verizon is dropping it. I advised him to drop MSNE and switch to FREE Outlook Express (computer OS is XP) or Thunderbird. But as you might expect, he is averse to change. To keep MSNE, he had to subscribe to it and pay the $9.95 annual fee for the basic version, which he did today.However, he has apparently also had, but never used, a Hotmail address, and on the MSNE e-mail page, it shows in the left panel like a separate account. He wants to remove it from MSNE. I know nothing about MSNE; am used to Outlook Express and Thunderbird, both of which have simple access to accounts, including deleting them. I can find nothing in MSNE about deleting the Hotmail account.So how can he delete the link to his Hotmail account?
View 6 Replies View Relatedhow can i delete a belkin wireless router guest account that was configures automatically upon setup?
View 1 Replies View RelatedCannot delete old groups in my contact list
View 1 Replies View RelatedHow to delete non existent domain
View 1 Replies View Relatedhow to export objects (net and security) from an ASA 5500 firewall to a .csv file?
View 1 Replies View RelatedI have a domain server and its has 100 users. some time my users PC Net session Jam. So that time i need to delete the Net session.
View 1 Replies View RelatedTo start off, I work for a small business where we do not have an IT department
One of our users changed his domain to a workgroup (made us rethink who has admin access on all our PC's) thinking that it would somehow fix the problem he was having with not being able to print anything to a network printer. Well, this promptly called for a restart and upon restarting would not allow him to log back into the user account.
This all makes sense to me as to why it will not let him log-in using credentials that he is no longer a part of due to security restrictions. But my question is how do i recover the account? In other words, how do I go about rejoining that user account to the domain that everyone is located on.
If all new user accounts are defaulted to join the domain, how come its not just as easy to move a user from a workgroup back to that domain?
Also, the machine is running Windows XP. It's critical that I get the old user account set back up because it was used for Outlook e-mail as well as several important documents/spreadsheets. I know that none of these files are lost as I can still navigate to them through the Local Disk. But really I would like to get the old user account working instead of having to copy/paste all the old content to a new user account in order to hopefully retain all old settings and configurations. tl;dr A user on our domain moved his user account to a workgroup and now is unable to login or access his user account. How do I move the user account back to the domain?
We have a Cisco ACS 5.2 deployment (appliance). It has an existing integration with Active Directory. We utilize this with RADIUS to authenticate our wireless users and TACACS for managing our network equipment.The RADIUS reports are useful for other teams (outside my own) to be able to troubleshoot password and account lockouts (everyone forgets to change the password on their phone).I would like to allow this team and other access to view the RADIUS authentications report.
View 2 Replies View RelatedWe had a power outage that kicked off our server and our network switch (2008R2, Cisco2960), before we could get it back up, a user was able to log into his laptop.
The user used the domain login - not the local machine account - he obviously wasn't able to access any shared resources, but how did he log in with a domain account, when the server and switch were both off?
each time i type my email and password a red message appears telling me that the account domain is reserved
View 1 Replies View RelatedI´ve a little problem with the aaa authentication over RADIUS with a Cisco 3560G-48PS - IOS 12.2(58)SE2. When I try to log in to the Switch per Telnet, it didn`t works and my windows domain account is locked. Here the aaa config:
aaa new-model
aaa authentication login default local group radius
aaa authorization config-commands
[Code].....
I am just wondering if it is possible to have two user accounts in Cisco RV042 V3 (Firmware: v4.1.1.01-sp (Dec 6 2011 20:03:18). User accounts to mean that one user can access the router with an administrative level access can do all the changes and management of the router's configurations and settings while another user can only do viewing of the system summary tab and connect and manage the simple configuration to connection to the ISP in both WANs, like setting up the connection type and release/renew the ip address for dynamic ip assigned by the ISP DHCP server.
View 1 Replies View RelatedI cannot sponsor a guest account using his/her email address. When I try to create a guest account, its show as file attached.
For example,
email.m@email-me.co.xx ->>>>>> cannot create
email.me@email-me.co.xx ->>>>>> can create
ISE version 1.1.1.268
Patch version 1
We have installed ACS 4.1 as authentication server for wireless SSID. Need to create list of ACS user expired on specific date.Is it possible to create report in ACS 4.1 as per user account expiry date?
View 3 Replies View Relatedi have 4 pc's. how can i create DOMAIN in windows7?
View 2 Replies View Relatedo create a domain host
View 2 Replies View RelatedI was given a 510 PIX Ver 6.3(1)to reconfigure but have no information on the existing configuration and need to wipe it clean and start over how can I do this to get back to the factory default settings. I have tried the "monitor>" but I don't know the IP address of the PIX interface.and am not sure how to do the setup for recovering the password.
View 7 Replies View RelatedI am taking a college course using Microsoft Windows Server 2008 Administrator Lab Manual. The labs assume that you are in a MS lab with the ability to connect to thier domain and servers. I want to create my own virtual lab to simulate MS environment so I can follow the assignments. I have VirtualBox installed. I am a completely new to servers and networking
View 2 Replies View RelatedI search for the both files, because I want to configure one ASA with 8.2.1 and the other ASA with a 8.4.x image to see the differences between both versions. But I don`t have a account to download the ASA Image 8.4.x an the ASDM 6.4x to test it.Is there a chance to get those Images without a Account.
View 1 Replies View Relatedhow do I create a new security code
View 3 Replies View RelatedAt my small business (30 employees) we currently don't have a hardware firewall. Should I have one? If so what do you recommend? We are all connected to a Windows Server 2003 domain in one office building.
View 7 Replies View RelatedTime Warner used remote access to get into my wrt54g system and create a new user id/password for security. As a result, my hp printer will no longer communicate with my computer. HP says to hook up a usb from router to printer, but there's no usb port on the wrt model I own. I hooked up a usb from computer to printer but it did nada...
View 5 Replies View Relatedi need the MIB object names for monitoring the processor and Memory Utilization of CSS 11503 with software version 7.50 Where can I find it?
View 5 Replies View RelatedWe are currently running 8.3(2) and I'm just wondering how many network/host objects the device can support? and how big can an access-l get?
View 1 Replies View RelatedI am using LMS 3.1 on windows, and getting the error while logging, You don't have permission to access /cwhp/LiaisonServlet on this server.
View 8 Replies View RelatedI use tracking objects aroung the organization where I work to monitor WAN and VPN connections and add/remove routes based on the state of the object. I'm having 2 locations that are constanty going up and down and I've been troubleshooting and monitoring for the last few weeks without finding anything. I've been incrementing the timeout for the SLA and it seems like this is working a little (less overall drops) but the drops still occur. Our ISP reports no issues and we see no issues internally on the circuits. Just out of curiosity could this be some kind of IOS bug or hardware malfunction? The router logs are full of these:
Mar 21 16:18:33: %TRACKING-5-STATE: 2 ip sla 2 reachability Up->Down
Mar 21 16:18:38: %TRACKING-5-STATE: 2 ip sla 2 reachability Down->Up
Mar 21 17:24:14: %TRACKING-5-STATE: 2 ip sla 2 reachability Up->Down
Mar 21 17:24:19: %TRACKING-5-STATE: 2 ip sla 2 reachability Down->Up
[code]....
The IOS version of the router I took these from is 151-4.M6 advanced IP services and it's a 2821 router.
I'm testing upgrading an ASA from 8.2.5 to 8.4.4. During the the upgrade, it change all of my ACL host entries to objects. But I noticed that the keyword "host" is still a valid option when creating an ACL.
I'm trying to understand why this change is made during the migration.
I'm trying to add an extended ACL (120) to an 800 series router (887) using Network Objects to allow the management user IP range full access to IP services and restricted access to email only for standard user IP range. However as soon as I apply the ACL to the outbound of my Vlan no matter what is in the ACL my PC looses internet connectivity. I've tried adding an explict allow for my IP address and still no access so I'm thinking possible a NAT issue, please have a look at my attached config and let me know what you think. Would I be better trying to control data flow with ZBF? I want to restrict standard users to email access only during the work day with web access and IM access after hours along with blocking all P2P programs for standard users at any time. Management group will have unrestricted access to all IP protocols. My original plan was to use time based ACL's!
View 9 Replies View RelatedMy ASA5505 has an external address of x.x.x.13. We have got another 2 spare ip addresses: x.x.x.10 and x.x.x.11.We also have 2 internal hosts, which we need to provide with internet access using NAT. y.y.y.146 and y.y.y.70.
We recently updated our ASA to software version 8.3(1). I was thinking that I could do it using network objects and groups, but didn't understand quite good how this should be done.
The goal is to set up ASA in the way, that if either of the abovementioned 2 hosts will connect to the internet, it needs take one of 2 external addresses. All other hosts should use PAT through x.x.x.13.