Cisco Security :: Will NAC 4.7.1 Work On V4.1.2
May 22, 2011
I was running V4.1.2 up until recently for my nac install. This needed to be upgraded to support windows 7 so the CAM and CAS were upgraded to version 4.7.1. The CAS is running a trusted certificate from Entrust and the CAM is running a self signed cert (perfigo).
First question is will this work with version 4.7.1? I have read a lot of threads about SSL being used between the CAM and CAS.
I have gone through the steps to export the CAM Cert and import it into the CAS Trusted certificate Authorities and vice versa but I still get the following error message on the CAS:
"Warning: The current Trusted Certificate Authority URL is suited for lab environments only. Cisco recommends importing a third-party Certificate Authority. Please check your Clean Access Manager(s) and standby
Clean Access Server for similar messages. "
Is this purely because I am using the self signed Cert on the CAM? If I purchase a cert from Entrust for the CAM, will this correct the problem?
View 1 Replies
ADVERTISEMENT
Mar 25, 2013
My windows fire wall wont work. It keeps showing me that as a result of error, the firewall cannot display settings. All attempts to open or turn on the firewall is unsuccessful
View 10 Replies
View Related
Aug 23, 2012
I have gone through the docs in creating a static NAT. I have gone into firewall/NAT Rules and set the internal / external entries, set access rules for the various services. However, I am unable to make a connection remotely. Somewhere along the line, I must be missing a command or something.
ASA ver: 8.4(4)
ASDM ver: 6.4(9)
View 1 Replies
View Related
Sep 6, 2011
Is there any chance the Wireless Repeater mode work with WPA2-AES ?If not, which model of AP should I buy to connect it with my wap54g as Wireless Repeater?
View 4 Replies
View Related
Dec 19, 2011
I'm studying for CCNA Sec exam and looking for any security labs for GNS3 or Packet Tracer.
View 3 Replies
View Related
Feb 28, 2011
My company ordered NAC and ACS 1120 My question is Can i configure 802.1X security through ACS server and NAC in layer 2 Inband Virtual Gateway.for campus switches.Is it the good design to have double security for switch ports. 1st is 802.1X and 2nd is NAC in layer 2 INBAND VG?
View 1 Replies
View Related
Aug 8, 2006
ASA 5510 security plus edition will it support active/active failover. and does it support context with securiyt plsu edition. and how many default context do we get with asa 5510 security plus edition.
View 3 Replies
View Related
Mar 29, 2012
I have a Linksys WRT610N wireless system with WPA-PSK security and this works fine with several computers but now one computer detects the wireless security as WEP and can thus not connect to the router. I have tried to manually connect to the router with correct security WPA-Personal (TKIP) and correct password but then the computer says "settings saved on this computer for the network do not match the requirements of the network".How can I get the computer to detect the correct security? The computer is running Windows 7 home premium.
View 7 Replies
View Related
Mar 24, 2013
Is it true that the FCC is investigating the Pogo game site because of poor security? Is Java the cause of this problem?I'm very leery of getting on the Pogo site because I've been told that my computer could get a virus and crash.
View 1 Replies
View Related
Dec 24, 2011
I'm new to IT, and have been put in charge of managing our servers hile my boss is on vacation.We currently have a Sonicwall Network Security Appliance that handles our Firewall/VPN and have web content filtering set in place.I have a user who belongs to 2 CFS policy groups that we have set up. I've double checked with Active Directory, and he is a member of both groups.
This person SHOULD have access to Job searches/ and Restaurants,but receives a "content blocked" message on his browser.It appears to me that the settings in Sonicwall are correct, as well with AD member groups.
View 3 Replies
View Related
Jan 19, 2013
I am trying to connect to a Security-enabled wireless netowork. I have the key. My problem is that I can't seem to figure out how to enter it. When I try to connect I open the "view available networks"window. I see the network name and it shows a strong signal (all 5 green bars).
View 3 Replies
View Related
Sep 15, 2012
I want to install Microsoft Security Essential on my PC, but I am not sure which download I need. One says amd64 and the other is x86. I am using windows xp 32bit.
View 2 Replies
View Related
Apr 20, 2013
Some security tools and techniques for wireless LAN??
View 1 Replies
View Related
Apr 9, 2011
I was informed by a co-worker that there is a security vulnerability with the local certificate authority in the ASA running 8.3 code. I've looked through the security advisories and haven't been able to find anything about this. Was this just misquote or am I missing the security advisory release?
View 1 Replies
View Related
May 24, 2011
I have a ASA 5505 that I test with which originally came with the Security Plus license. I recently erased flash and loaded the latest asa841-k8.bin version of IOS along with asdm-642.bin. Everything booted fine and came up as it does when freshly wiped however I noticed that i was now only running a base license. If I issue the sh activiation-key command, I noticed the following messages (full output is at the bottom):
The Running Activation Key is not valid, using default setting
......
This platform has a Base license.
......
Failed to retrieve flash permanent activation key
Did I somehow kill my Security Plus licensing when I did the erase flash? If so how do I recover it?
ciscoasa# sh activation-key
Serial Number: JMXXXXXXHU
Running Permanent Activation Key: 0x00000000 0x00000000 0x00000000 0x00000000 0x00000000
The Running Activation Key is not valid, using default settings:
Licensed features for this platform:
Maximum Physical Interfaces : 8 perpetual
VLANs : 3 DMZ Restricted
Dual ISPs : Disabled perpetual
VLAN Trunk Ports : 0 perpetual
[code]...
This platform has a Base license.Failed to retrieve flash permanent activation key.The flash permanent activation key is the SAME as the running permanent key.
View 2 Replies
View Related
Sep 2, 2011
I'm trying to set up my DIR-655 so I can use VPN to access my work PC. How can I set this up?
View 2 Replies
View Related
Nov 19, 2011
I have a DIR-655 B1 router. The firmware is 2.00 NA. Just to clarify, the DSi itself does work with WPA, but the games only work with WEP. I made a guest account and set it to WEP and it still does not work. I have tried making the main connection WEP as well, but when I go on the game and try it, it says it is WPA and not WEP. My friend has a DIR-655 as well, but the hardware and firmware version are different. Her games work flawlessly.
View 10 Replies
View Related
Jun 10, 2012
How can I get the security key password for my iPad?
View 2 Replies
View Related
Dec 28, 2011
I have windows xp home and the last few days a security installation has kept trying to install ie: "Microsoft Visual C++ 2005 Service Pack 1 Redistributable Package (KB2538242) (update 1 of 1)..."
View 3 Replies
View Related
Aug 22, 2011
my router has a WPA security system and I want it to be a WEP security system, what must i do?
View 7 Replies
View Related
Aug 8, 2011
I am delving into the world of Certificates and the ASA. I am having the HARDEST time grasping this though. I've poured over Cisco whitepapers, been reading through books and things just aren't solidifying in my head. So my question is, how do Certificates for SSL work on the ASA? Where does the data transmit and how does an ASA talk to a CA and User for things?
Lets do this basic topology for the discussion:
End User------SSL VPN---> ASA--->Internal CA
So in theory we are supposed to create a certificate and install it on the ASA and then set the outside interface to trust that cert?
How do identity certs and root certs also work out on the ASA? I have instructions that pretty much say
Create RSA key
Create new trustpoint
cry ca auth newtrustpoint
cry ca enroll newtrustpoint
cry ca import ?
So what are all of these steps specifically doing? Also in ASDM it shows a normal Certificate and an Identity Certificate. I can't really figure out the difference between the two. Does one cert talk to the CA and the other identify the ASA to the CA?
View 7 Replies
View Related
Jun 15, 2012
I have a test on eigrp next week and have been doing it in packet tracer so i`m ready but i can`t seem to get EIGRP to work!I have 3 routers and the loopback interfaces are configured because there`s not enough PCs to actually connect up to the kit. [code]
View 5 Replies
View Related
Jul 3, 2012
I'm playing around with CBAC, trying to get a feel for it so I can manage it on some of our routers. I think I have the basics down, but for some reason I'm still having these issues with a 2801 running the attached config:- I had to add the "router-traffic" option to my ICMP inspect line to be able to ping anything at all on the 10.10.2.0 side from the router. We have a router doing firewall duty which is using CBAC but does not have the "router-traffic" option on its ICMP inspect line, but pings from it still work. What gives? I've read that by default (without the "router-traffic" option) traffic originating from within a router will not be inspected by CBAC, so it looks like my lab router is working as expected, I just can't figure out why pings work from the production firewall router.
- I can not copy a config via TFTP to 10.10.2.97. Other network devices can access the TFTP server on .97, so it's my lab router that has the problem. I can ping .97, it can ping this router (.5). It looks to me like I have TFTP allowed through this router, but it doesn't work. When I do a copy command, my TFTP server on .97 sees PUTs coming in, but then says it's not getting responses from the router, so it looks like traffic is only flowing out from the router but not back in. I thought the TFTP inspect would fix that. There doesn't seem to be a "router-traffic" option for the TFTP inspect[CODE]
View 1 Replies
View Related
Jun 25, 2012
I have a L2L VPN tunnel on a Cisco ASA 5520 that I'm trying to get RRI to work on. On my cryptomap ACL I have defined a local object-group and a remote object-group, and I'm performing one-to-one NAT on the local group. I also have a route map configured that will take the static routes and redistribute them into my EIGRP AS. Two things I've noticed -1, I'm not seeing any static routes on my ASA that point to the remote subnets, and 2, the ACL that I've used in my route map definition is not getting any hits on it.
View 2 Replies
View Related
Jul 5, 2011
I'm having trouble getting this to work, after my upgrade to Mac OS X Lion the Anyconnect client can no longer login. Reinstalling didn't work for me.
View 24 Replies
View Related
Feb 23, 2010
I can't get IPv6 to work on my Cisco 877:Do I need to do something to enable it? I have a /56 from our ISP that I would need to configure.
View 12 Replies
View Related
Nov 30, 2011
I have a stack of SGE2010P switches with 3 vlans (1, 10 and 255) on it. Connected to it via a trunk port, I have a SF300-24P.On the trunk ports, I have vlan 1 untagged, vlans 10 and 255 tagged (on both sides, obviously).On the SGE2010 stack, I can set a ports primary vlan id to vlan 10, and workstations work correctly.On the SF300, if I set a port to type general, and the ports default vlan to 10 (on the port to vlan page), I cannot get any communication to work.This is my first time with a non-CLI switch, and am having real problems figuring out how to troubleshoot this problem.
View 1 Replies
View Related
Oct 18, 2011
Does aps work with Wcs ?? .
View 4 Replies
View Related
Apr 22, 2013
I purchased 3 of these Wireless-G access points and none of them are plug and play. I am here because I have spent the last three hours trying to go through every step they suggest in the Quick Start Guide.
I tried entering in a web browser the default IP address and wait for a login that does not appear.
View 4 Replies
View Related
Nov 8, 2011
i have a problem regarding VPN setup on 5510 ASA and other side 5520 ASA. previously we created the VPN but it works only when the other side start pinging to our side.i have to mention here that we created the BI- Directional traffice on for both side .we have to configure tunnel up for both side .
View 2 Replies
View Related
Mar 11, 2011
Why in some places I can not switch on my VPN ? The strange thing is when I use the VPN server of my office , this work OK and it is the same VPN client. So this means that I do something wrong in my private CISCO 1841 ROUTER.Here bellow what does not work and at the bottom the same computer same network.
View 6 Replies
View Related
Apr 25, 2012
We have purchased LMS 4.0 -300 and were wondering how well the software will perform on a Virtual Enviornment.
View 3 Replies
View Related
Nov 7, 2011
I had the Cisco 877W Router working in my old company. The old company was closed and I bring all of network equirments to new company.I am trying to setup this router to new company but lost menu, console cable and software CD.
View 2 Replies
View Related
