5.3 ACS protocols support
Hello
my company asked me to check authentication protocols are supported by acs 5.3.
We have a network of all cisco devices, the oldest is a 2950 with IOS 12.1.
I know that they were compatible.
ACS 5.3 to what degree of hardware compatibility ever?
Support of all GANYMEDE cisco devices +?
Thank you
Fabio
ACS can act as a RADIUS or radius server for all these devices supports the Protocol radius and Ganymede.
For more information like what type of back-end databases support please check the link below:
Support and software and interoperable devices for the Cisco guarantee a system of control 5.3
ACS 5.3 as server AAA
Let me know if you need more information.
Kind regards
Jousset
The rate of useful messages-
Tags: Cisco Security
Similar Questions
-
Protocols supported in OAT 9.2 for load tests
Hello
Can someone help us to provide a list of protocols supported by OATMEAL 9.2 for load test applications.
Thanks in advance.
Kind regards
MaheshHi Manu
OATS 9.20 has the following modules for load tests:
HTTP/S
-Siebel
EBS/forms
-ADF
-Flex
-Oracle databaseConcerning
Alex
-
2.4 Ghz wireless protocols supported in LabView
As part of our University, we use your Robotics Starter Kit 2.0 and two other Robots of Lynxmotion (Brat & Tri-trak).
Our goal is to integrate all three robots with LabView on a PC using Bluetooth/2.4 Ghz wireless connections.
Our Tri-Trak can be controlled by a PS2 controller that uses a 2.4 Ghz wireless connection. I'm not sure of the Protocol for that, but it doesn't seem to be the Bluetooth. LabView supports protocols other than Bluetooth 2.4 ghz wireless?
Any advice or comments would be greatly appreciated,
Thank you
Richard.
ThiCop,
Thanks for your reply.
We were able to determine that the lynxmotion robot used the technology/Protocol, we decided to buy a Bluetooth for it.
-
LabVIEW base, protocols supported system of development and the basic features
Hello
I ask this question here because I can't find that information on the web, or I get the technical support e-mail response. We are interested in acquiring a license of basis of Labview to start development to develop test for simple automation systems. The basic idea is to have a card with digital, analogue i/o, common seria interfaces: RS232, Ethernet, I2C or SPI. All this to interface HW under test. A single port for communication with the PC (USB, Ethernet, RS232).
We would like to know:
(1) what protocols are supported by the Labview Base development system package.
(2) if the license mode allows you to integrate MATLAB/C/C++ code.
(3) in general, where a document that provides details on the characteristics of the Labview. We were not able to find a manual for it. Just this very basic with informaton purchase link: http://sine.ni.com/nips/cds/view/p/lang/no/nid/1385.
Kind regards
Jose
Have you looked at the page 'Buy' for LabVIEW? http://www.NI.com/LabVIEW/buy/
Basically, I think that LabVIEW base supports everything in terms of basic Windows protocols, but does not include LabVIEW RT or FPGA (for CompactRIO/FPGA targets) but you can use series, ethernet, etc. DAQmx for windows (and also the instrument 3rd party drivers). It doesn't have the enhanced math library or the application Builder so that you can not create executables/installers - you will need run your code in the development environment.
Alternatively, you can call external code .NET / C dll through the call library function node. You will not be able to incorporate Mathscript, because it is only in the complete edition upward.
-
ACS supports several Active Directory domains to 802. 1 x EAP - TLS?
Hello
I'm looking to implement 5.2 ACS using 802. 1 X, we have two distinct areas of AD.
Now... That's the tricky part...
One switch must support two ads, if an AD1 computer, it will be authenticated to the ACS using AD1 and applied to the VLAN1, whereas a machine located in AD2 is authenticated to AD2 and applied to VLAN 2.
I'm looking for machine authentication, user authentication, so I guess I'll need two certificates of import of each ad.
Can any expert please let me know if they think that this will be possible please?
Thank you very much
Yes ACS can support several areas of the AD, but you need to configure one of your AD domain name and the other as a LDAP database and it will not work because you plan to use eap - tls.
The question I have is how ACS version do you use? If you use ACS 5.x, you can set up and storage of identity of sequence, so if the user is not you can move to the next store and this will prevent you from installing two certificates on each machine.
You can then configure an allow rule for separate containers on which there are workstations (that's assuming that the machine authentication is used) for the AD database or the Protocol LDAP database, and then assign the vlan based on that.
Thank you and I hope this helps!
Tarik Admani
-
What type of support for labview usb protocols?
Hello guys I want to connect a device to your pc via a usb port and I want to use labview to analyze the data.
But first of all, I would like to know what usb protocols support for labview.
USB, USB CDC and other TMC?
I ve read labview recognizes a raw device to the usb, but what is? Is it VI to read and send data, or I have to do? If these VI exists, they do the handshake? flow control?
Thank you.
Please read the chips and have a look at the USB specification (it is linked to in the nuggets).
TMC, CDC, MAss Storage are all built on the basic USB protocols.
LabVIEW has no built-in support for one of these classes of devices except Test and measurement.
Shane
-
Cisco ACS secure 5.3 allowing foreigners on ACS local domain server domain accounts
All the
My company has recently acquired another company
Each company has its own domain and controllers
The problem:
Executives of the absorbed company sometimes come to the main site for meetings using their own laptops
configured for their own areas. This caused problems of authentication wireless with Windows 7 machines.
The domain account when you connect is forcing the dispatch of the password, the name of domain user and the foreign domain
The need:
We need to somehow add foreign domain as the source of authentication on the local ACS authentication attempt with our wireless controllers is allowed.Give advice on how this could be achieved.
Hello Steve,.
Concerning the behavior that you experience with ACS to be able to authenticate users against the foreign domain is completely expected and you will only be able to authenticate by entering the user name and domain name.
The only option to join the ACS for a foreign domain is LDAP configuration and in this way, you will be able to join the AEC directly with this area, however, there are several limitations on the supported protocols when you use LDAP as you can see from the following link, then you want to see if he would be available as an option for you or not depending on the Protocol that you use (which I suppose is it PEAP / MSchapv2) as you mentioned that users will type the identifying information, so it does it does not for you):
http://www.Cisco.com/c/en/us/TD/docs/net_mgmt/cisco_secure_access_contro...
Excerpt from the link:
Authentication Protocol EAP no B-4-table and user database compatibility
Identity storePAP/ASCIIMSCHAPv1/MSCHAPv2CHAPACS
Yes
Yes
Yes
Windows AD
Yes
Yes
NO.
LDAP
Yes
NO.
NO.
RSA identity store
Yes
NO.
NO.
Identity of DEPARTMENT store
Yes
NO.
NO.
Table B-5specifies the EAP authentication protocol support.
Authentication Protocol EAP compatibility of database user and table B-5
Identity storeEAP - MD5PEAP-EAP-MSCHAPv2EAP-FAST MSCHAPv2PEAP-GTCEAP-FAST-GTCACS
Yes
Yes3
Yes
Yes
Yes
Yes
Yes
Windows AD
NO.
Yes
Yes
Yes
Yes
Yes
Yes
LDAP
NO.
Yes
Yes
NO.
NO.
Yes
Yes
RSA identity store
NO.
NO.
NO.
NO.
NO.
Yes
Yes
Identity of DEPARTMENT store
NO.
NO.
NO.
NO.
NO.
Yes
Yes
Note: Please mark it as answered as appropriate.
-
ACS 4.0 EAP - TLS Cert does not
Hey,.
so, I have generated my certificate signature request, took it to my CA, a cert. "ACS Certification Authority Setup" I have installed on my device ACS, then 'Install ACS certificate' installed (he parked in the privkey and password so I guess he got that comes from the cert file). I then add the CA to "change CTL. All of this goes off without a hitch.
However when I try to add the "certificate revocation list" I am unable to add the two LDAP:------and http://. I confirmed that the http:// is working on the certification authority, and all the possible indications are that the ldap protocol works too but I can't test with tools.
When I go to "System Configuration"-> "Global Authentication Setup"-> "allow EAP - TLS' I get the following error.
Could not initialize the PEAP or EAP - TLS authentication protocol because the certificate authority is not installed. Install the certification authority by using the "ACS Certification Authority Setup" page.
Exactly, which is not installed on the certificate? It is on the ACS server, it is configured and the date range is correct.
I've been banging my head against this all day and could use some suggestions. :)
Hello
For EAP - TLS to work you must use external CA installation such as Microsoft or Rapid SSL etc and auto generated in ACS certificates supports PEAP support but not EAP - TLS.
HTH
Ahmed
-
Type of Service you choose ACS 5.3 - 11033 isn't network access
I have a few older devices on the network that only support the RADIUS authentication (not GANYMEDE) and would like to have them use SecureACS 5.3
I understand that by default, ACS only supports GANYMEDE to the administration of the unit. So I get this error when you try to RADIUS:
11033 selected Service type is not network access
Description:
RADIUS requests can be handled by Access Services which are of the type of network access
Text of the resolution:
Verify that the policy of Service selection rules are correct
However, even after the rules of selection of the setting function and see hits, I still see the same message in newspapers, as if she has no effect. Any ideas?
If you use the protocol like RADIUS you can not use a device administration service. You can only use the access to the network. That will allow you to authenticate on the devices.
Kind regards
Amjad
Rating of useful answers is more useful to say "thank you".
-
Qosmio X 500-WLAN RTL 8191 / 8192 SE only supports 20 MHz?
Hello
no idea if this is right?
Jim
Sorry mate but I put t understand what you want to know?
REALTEK RTL8191SE wireless network card support the standard 802.11 B, G and N.
So, you could use and to connect to 802. 11B G and WiFi N if your Wlan router would support this WLan protocols too.
Only WLan protocols support a certain frequencyIf you want to know the details about 802.11 B, G or N project then you could check in Wikipedia.
-
Have I messed up my Wi - Fi UK Xoom trying a reset to see if she would take OTA ICS?
Tablet turned, held the Start button / stop and volume control set until the Tablet restarted.
The display will now show
"Starting from RSD Protocol support 0
Onewire: The charger is not connected or the battery is not recharged...
Battery load level 99% ".
Thinking that the charger must be plugged I fact but the screen remained the same for more than 1.5 hours.
Where should I go from here?
Thnx
Just put it off and on again.
Nothing broke. It will just restart. -
The bellows of the sentence was written to the product page of ACS. that means 50 customers AAA who takes in charge only 50 devices to be configured to use AAA?
Cisco ACS Express is available as a 1-rack-unit (RU), reinforced with a preinstalled license of Cisco Secure ACS Express security apparatus. Cisco ACS Express supports a maximum of 50 clients AAA and 350 single user logons in a 24 hour period
Adriatik
If the license is for 50 customers then you only the query ACS can express with 50 aircraft. If you have more than 50 devices requiring a GBA so you need something more than the ACS Express (or you need 2 ACS expresses).
HTH
Rick
-
ACS 5.7 - access to tracking and reporting on a secondary server to the primary server
My organization has an ACS deployment, consisting of three servers. Currently, the primary ACS server is also the newspaper collector. However, Cisco recommends to a secondary server in the log collector.
I noticed that I have connection on the secondary server and click on "Monitoring and reporting", I am prompted to connect to the main server because that's where newspapers. I guess if the newspaper collector is on the secondary server and I click on "Monitoring and reporting" of the main server, I will ask you to connect to the secondary server.
Is there a way of not having to connect twice (once to access the web interface and new access reports)? It seems that deployment of ACS should support a kind of function of single sign-on and once you are connected to a server, gives you access to another without having to log in again.
Hi David,
I know that the Cisco documentation mentions the school be the best practical paper collector, however, which in fact means is that the server acting as collector of newspaper should be not authenticate users.
If your backend is the collector of newspaper that should be fine, as soon as it's not authenticate users (but secondary responds to this task).
And related to the shift, that of right, independently on the server to which you connect, once you click on "Monitoring and reporting" you will be redirected to the collector of the newspaper and need to connect in it, unless you are currently on the newspaper collector and click on 'tracking and reports.
SSO between servers would be a good thing but is not available.
Note: Please mark as answer as appropriate
-
What is the recommended size of repository to store saves the backups of ACS SNS-3415-K9, v5.4
Hello guys, we need your advice :),
do you know what is the recommended size of repository to store backups of logs of ACS SNS-3415-K9 (v5.4.0.46.0a software)?
We intend to create an FTP server to record a monthly full backup and an incremental backup daily.
We would like to consider the worst case in which ACS View Database is complete and a full backup is required and daily incremental backups.
In the second period, we would appreciate really any advice on how to maintain, say, only the last 2 full backups and all the related incremental backups in the FTP server, is there a way to automate the removal of the oldest backup when a new backup is generated?
Thanks in advance!
Hi Rodrigo,
Honestly, there is not a suggested size of space available to FTP/SFTP server used as the size of your backups of data base of progressive and complete view depend on 100% of the amount of newspapers ACS server receives every day, so what I would suggest to take a look at a couple of incremental for 2 consecutive days and would help you to determine what would be the amount that you need for a period of 30 days (one month).
And associated with your concern if the ACS would supports the option to manually maintain the last 2 full backups view, unfortunately, it is not available as an option.
-
What version of ACS that supported for the host agent (for example IP phone, printer, etc.)?
I have GBA v3.1, it is supported?
Is there a solution to authenticate devices by MAC address?
Thank you
AW
Configuring the host agent is supported in 4.2 and ACS version 4.0,4.1. Many guests who authenticates the ACS are running the agent software that requests access to network resources and receives approval from the ACS. However, some hosts are not the agent software running. ACS solves this problem by using the MAC address of the host device to identify and authenticate the host. This technique is called the authentication MAC (MAB) workaround.
Maybe you are looking for
-
iMac 5 k - restart during work - sometimes with Kernel Panic
Hello my computer restarts during my work 1 or 2 times a day. Sometimes I get a kernel panic Message. Here's my report from panic. Maybe someone can read it. :-) iMac 5K (end of 2015), OS X El Capitan 10.11.6, with all updates, no device on the USB P
-
Hello I am trying to use the FTP put file VI to get the images out of my smart camera of NEITHER and I can't just not work, and I have no idea what I'm doing wrong. I use FileZilla Server as FTP server on my host PC. The images are saved in the folde
-
Download Windows Update problems
Why when I try to download updates windows for microsoft .net framework downloads what they continually fail? Security for 2.0 update and Service Pack updates for the Microsoft.NET Framework 3.5 updates keep fault!
-
Server error internal 500 WRT54G2
Hello everyone, I have a problem with my router WRT54G2. I was upgrading my firmware when my computer froze, so I had to leave. Afterwards, I couldn't connect to the configuration based on the web page more. I did a factory reset and installed again
-
I format the drive, then I burn music to it, it will play on my laptop and on my pc, but it won't play in my car, the car is two years so I don't think he has a player issue help,.