Accsss device based on NDG using ACS 5.2

Hello

I have 2 DC & Office network types. I have 3 types of LWOP users, office & DC. Office peripheral netowrk are in NDG of office, peripheral network DC are in NDG DC. Such configuration DC, office network users can access only desktop devices & DC network users cannot access that network DC devices...

Now I have users of LWOP, wanting to access both office & DC network devices. How can I achieve this?

I also consider this thread for all users.

Thank you

Tarik Admani

Tags: Cisco Security

Similar Questions

  • Devices configured for authentication under ACS

    Hi friends,

    Would like to know how many devices can be configured for authentication under ACS version 5.6.0.22 (Cisco Secure Network Server 3415).

    I'm not able to find the same everywhere.

    Concerning

    JN

    Hello

    It depends on the license that you install on the ACS 5.6.

    All deployments of 5.6 ACS supports customers AAA 100 000, 10,000 network, 300,000 users and 150 000 host device groups. 5.6 ACS collector server log can handle 2 million records per day and 750 messages per second for stress sent by the various nodes of ACS in the deployment on the server of log collector.

    Please visit this link:

    http://www.Cisco.com/c/en/us/TD/docs/net_mgmt/cisco_secure_access_contro...

    With the Base license, a Cisco Secure ACS 5.6 appliance or virtual machine software can support the deployment of up to 500 devices of access network (DNA) such as routers and switches. These are not authentication, authorization and accounting clients (AAA). The number of network devices is based on the number of unique IP addresses that are configured. The limit of 500-device is not a limit for each individual device or the instance, but a limit of scale that applies to a set of instances of Cisco Secure ACS (primary and secondary instances) that are configured for replication.

    The optional add-on of large deployment license allows deployment to support over 500 network devices. Only one major deployment license is required by the deployment because it is shared by all instances.

    Please visit this link:

    http://www.Cisco.com/c/en/us/products/collateral/security/secure-access-...

    Kind regards

    Aditya

    Please evaluate the useful messages.

  • Unable to switch to the privilege level using password set using ACS enable

    Hi all

    I am not able to not be able to visit the privilege level to help enable password set using ACS 1121 (5.4.0.46).

    Please find details of the ASA-

    ASA5580-20
    version of the software - 9.1

    LAB - FW / see the law # run | I have aaa
    GANYMEDE + Protocol Ganymede + AAA-server
    AAA-server GANYMEDE + (inside) host 192.168.x.x
    GANYMEDE + LOCAL console for AAA of http authentication
    Console telnet authentication GANYMEDE + LOCAL AAA
    AAA authentication enable console LOCAL + GANYMEDE
    authentication AAA ssh console GANYMEDE + LOCAL
    Console telnet accounting AAA GANYMEDE +.
    AAA accounting console GANYMEDE + ssh
    AAA accounting enable console GANYMEDE +.
    No vpn-addr-assign aaa

    I created the Shell profile so & given privilege 15 it.please find wink 1 similarly in word doc attached

    However, when I try to create the service profile I get the error message, please find snap 2 in word doc attached.

    Kindly share your expertise.

    Hello Dominic,.

    For authorization privileges to take effect, you must add the following command to your configuration on the ASA:

    AAA authorization exec-authentication server

    After adding it, the ASA will take into account the level of privilege that are sent by the ACS.

    Associated with the error you are getting on the graphical interface of the ACS, please make sure that you are using a browser supported for ACS 5.4 version based on the release notes:

    http://www.Cisco.com/c/en/us/TD/docs/net_mgmt/cisco_secure_access_contro...

    Note: Please mark it as answered as appropriate.

  • I lost my ipad I need to add the device to icloud by using the serial number. Can I do this?

    I lost my ipad I need to add the device to icloud by using the serial number. Can I do this?

    N ° you can not add it without physical access to the device.

  • "Another device on the network use my ip address".

    I tried to check my mail and could not and got this message "another device on the network use the IP address of your computer." I have never seen it before. He also said that I could change the IP address, if I continued to have problems. I bought this iMac and used Migration to transfer all the stuff from my old iMac that is still used. That was months ago, but I never had this message up to now. So should I change one of the IP addresses? And if so, how is that done?

    http://osxdaily.com/2010/09/19/another-device-on-the-network-is-using-your-Compu ters-ip-address.

  • Is there a way to find the IP address associated with a device that is currently using my Apple ID?

    Hi, is it possible to find the IP address associated with a device that is currently using my Apple ID? There is a device currently using my Apple ID, and I would like to know its IP address. When I connect to appleid.com, the device is listed. The device is an iPhone. It is an emergency situation. Thank you.

    Unless it's on your local network, the IP address won't be useful to you in any way. (and no, you can do that)

    If this is really an "emergency", inform the authorities.

  • That means "another device on the network use the IP address of your computer"?, that means "another device on the network is using the IP address of your computer?

    That means "another device on the network use the IP address of your computer"?, that means "another device on the network is using the IP address of your computer?

    A

    Most likely, the computer becomes a network address of a router. The assignment of an address ("lease") expires and must be renewed after a certain period of time, which could be an hour or a day. The lease expired without being renewed because the device has been disconnected at the time. Meanwhile, the address has been leased to another device on the network, or maybe the router has not updated its list of addresses the leases. When the device offline comes back online, a conflict results. Depending on the type of router you have, the conflict can resolve itself automatically. If not, then in the menu bar, select please

    ▹ System Preferences network ▹ 

    If the preferences window is locked, click the lock icon in the lower left corner and enter your password to unlock it. Click the Advanced button, and then select the TCP/IP tab in the sheet that drops down. Look at the menu option

    Configure IPv4

    If the selection in this menu is

    Using DHCP

    Click on the button

    Renew the DHCP lease

    Test.

    Make sure that you have more than one DHCP server on the network. That could happen if you have more than one access point Wi - Fi, or if you have a router and broadband a wide device distinct in connection mode sharing.

    B

    Less likely, you have a network address that you assigned yourself and another device is itself by assigning the same address. In this case, the selection to configure IPv4 menu will be either manually or using DHCP with manual address. This kind of conflict will not be resolved automatically. You have the following options to solve:

    1. Change the selection in menu using DHCP.
    2. Change the address assigned manually to one that is not used by another device.
    3. Change the address of the other device.

    Which of these options you choose depends on the details of why you use a static IP address. Any changes you make to the network settings is necessary before taking effect. To do this, click OK, and then click apply.

    If the router is also your device at wide band, then he may be operating in bridged mode. In this case, only one customer at a time will be able to connect to the Internet. Consult the manufacturer or ISP documentation for how to reconfigure the device in the connection mode sharing.

    C

    According to a report a "DirectTV" receiver can cause the problem. If necessary, disconnect the device from the network, or power off and test. Consult the support services provider.

  • Error: The video device is currently in use... trying to import video

    original title: importing video

    I'm trying to import video from my camcorder. I did this several times in the past with no problems. Now, I get the following message: the video device is currently in use. Close any other program that is using the device and try again.

    I don't have any other programs open. I went to the Device Manager; Imaging devices; and my camcorder is listed and it says that the device is functioning properly. I tried to "import from digital video camera" using Windows Movie Maker and I still get the same message. I tried to disconnect the 1394 cable and turn on/off several times my camera. I still get the same message. I've never had this problem before. I have Windows Vista Home Premium.

    I had the same problem since I started recording on 10 July
    I have DELL Studio 64-bit pc
    Sony DCR TRV350 so I use I394 cable 4 pin-to-6-pin firewire
    While your DVR camera is connected to the PC via firewire, search Windows Update and install the patches to recommend.
    If you have Windows encode uninstall it
    reset
    It worked for me
    It may be useful
    I checked with sony for help. They could not help, but it gave me a clue
    http://www.KB.Sony.com/selfservice/documentLink.do?externalId=C111893

  • Error 633: the modem (or other connecting device) is already in use or is not configured correctly. Any solution?

    I have Microsoft Vista Home Premium edition. I use the data card (broadband +, model - HUAWEI EC1262) to connect to the internet.
    I get error 633 whenever I try to use the data card to connect to the internet on my laptop. He says that "the modem (or other connecting device) is already in use or is not configured properly" and preventing me from accessing Internet.

    I tried with a different brand of card data, but still getting same error. Map data even works on another laptop with Win7.

    I did all the options like:
    1 uninstall and reinstall modem drivers
    2. release the COM port and the new port assigng

    We always get but same error. Any solution for this problem would make.

    Have you tried system restore? If you can restore the system to the date where it worked fine maybe it will work.

    System Restore frequently asked questions.

  • Windows has prevented my device Infarred "Serial Cable using IrDa Protocol" to 43 of the Labour Code

    Windows has prevented my device Infarred "Serial Cable using IrDa Protocol" to 43 of the Labour Code

    Can someone help me with this please. Can I change the value and it Peel attention but in a few moments it will return on attention. I have no idea how yo what is causung this also...

    Hello

    ·          You have installed the latest Service Pack for Vista?

    Uninstall and reinstall the device.

    a. Click Start.

    b. in the type of search box of start of "devmgmt.msc" and press ENTER.

    (c) in Device Manager, look for the device that has an error and expand the device with the error.

    d. right-click on the device with the error and uninstall.

    e. restart the computer and check if it installs the drivers and it works great.

  • Problem ejecting USB Mass Storage Device "this device is currently in use. Close any programs or windows that might be using the device, and then try again. »

    Original title: problem ejecting USB Mass Storage Device

    When I try to eject safely my external hard drive safely I get an error with this title message telling me that "this device is currently in use. Close any programs or windows that might be using the device, and then try again. "I did it. I also tried to close all programs running on the computer and it does not help. I also tried to restart the computer, and it also does nothing. If anyone has any ideas that might be useful please let me know.

    Hi a. Cook,

    (1) how long have you been faced with this problem?

    (2) is limited to any specific USB device?

    This problem may occur if there are handles open with all the files in the USB (Universal Serial Bus) mass storage device are in use by another program.

    Method 1:

    (a) Download Process Explorer from the link below

    http://TechNet.Microsoft.com/en-us/Sysinternals/bb896653

    (b) click on search, find handle or DLL (Dynamic Link Library) in the tool menu.

    (c) type the drive letter of the USB device in the handle or DLL substring text box and press the search button.

    (d) find the process and its PID (process identifier) in the following box.

    (e) with a view to the processes of the system tree, look for the process according to the dialog box find handle or DLL.

    (f) press Ctrl + H to display the handles in the view in the lower pane.

    (g) find the file according to the drive letter and right click, choose Manage close.

    Reference:


    Problem ejecting USB mass storage device
    http://support.Microsoft.com/kb/555665

    Note: Using third-party software, including hardware drivers can cause serious problems that may prevent your computer from starting properly. Microsoft cannot guarantee that problems resulting from the use of third-party software can be solved. Software using third party is at your own risk.

    Method 2: You can see the steps in the link below by Diana d.
    http://answers.Microsoft.com/en-us/Windows/Forum/windows_vista-hardware/problem-ejecting-USB-mass-storage-deviceits-in-use/fd56805c-ED8E-491F-8a2b-39ed1c988a71

    Method 3: A scanner online for any threat and try to correct

    http://OneCare.live.com/site/en-us/Center/cleanup.htm

  • 1 should. what updates I really low charge based on my use? 2 is it too late to perform a WINDOWS ANYTIME UPGRADE?

    Basic information. on my computer. >

    Right to copy of WINDOWS 7 HOME PREMIUM 2009 SERVICE PACK 1

    System =

    Model = HP PRO DESK GI 400 MT

    Processor = Intel Core i5 - 4690 S CPU @ 3.20 GHz 3,20 GHz

    Installed memory (RAM): 8.00 GB

    System type = 64 - bit Operating System

    --------------------------------------------------------------------------

    Purpose of the computer is a home PC used for e-mails, Internet, surfing, composition in WORD, EXCEL, etc.. Not used for business at all. No SKYPE or any other communication, has just written Communications

    -----------------------------------------------------------------------------

    Currently, SELECT THE UPDATES YOU WANT TO INSTALL watch >

    Skype for Windows 7.3 desktop (KB2876229)
    Update for Windows 7 for x 64-based systems (KB3080079)
    Update for Windows 7 for x 64-based systems (KB3102429)
    Update for Windows 7 for x 64-based systems (KB3123862)
    Update for Windows 7 for x 64-based systems (KB3139923)
    Update for Windows 7 for x 64-based systems (KB3140245)
    Update for Windows 7 for x 64-based systems (KB3156417)

    ----------------------------------------------------------------------------- I know that some the updates affect Windows 10 loading, I want any. I'll stick with Windows 7.

    -----------------------------------------------------------------------------

    Issues related to the:

    1 should. what updates I really low charge based on my use now and in the future?

    2 is it too late to perform a WINDOWS ANYTIME UPGRADE?

    a. Research on the web, seems to come into conflict if it is still possible to do so.

    b. I see there are sites indicating WINDOWS ANYTIME UPGRADE FREE KEYS. Is it "FREE" and at what price?

    c. I see that Microsoft will stop supporting Windows 7 completely in a few years. What are the options to replace my current WINDOWS 7 HOME PREMIUM?

    Thank you for any assistance that you can share.

    RT

    Hi Roger,

    With the description, I understand that you have a few questions about Windows Anytime Upgrade and Windows updates on your Windows 7 machine. I will certainly help you to the query.

    I would like to inform you that mentioned updates are recommended and are important for maintaining the operating system up-to-date. You can see below the article for more details:

    Updates: frequently asked questions

    http://Windows.Microsoft.com/en-us/Windows/updates-FAQ#1TC=Windows-7

    In addition, if you do not want to install the Windows 10 operating system, then you can refer to the below section mentioned to cancel the upgrade.

    Upgrade Windows 10: practical information on planning and notifications

    https://support.Microsoft.com/en-us/KB/3095675

    However, you can run Windows Anytime Upgrade in the following operating system until the product operating system becomes obsolete you can buy the upgrade button. I would also like to inform you that the operating system Windows 10 is free upgrade until July 29, 2016. So you can also choose the latest version of Windows before windows gets obsolete for support.

    Hope this information is useful. Please come back to write to us if you need more help, we will be happy to help you.

    Concerning

    Ravi Kumar

  • Error message: device is ready for use, and after a few minutes the error message "hardware Id missing.

    Original title: hardware Id missing

    I recently acquired a voice recorder HccToo 8 GB. However, whenever I connect it to my computer I get a message saying that the device is ready to use and after a few minutes the error message "hardware Id missing.
    The usb cable that connects to the camera has no problem (and should be universal). And I tried to connect to other computers on win 7 with the same results. I also watched online solutions, but this problem seems to apply mainly to phones.

    I would be grateful for any advice on what I can do about it.

    Hi Nikolai,

    Sorry for the late reply.

    Did you try to connect other USB devices and check the issue?

    If problem persists, try the steps to uninstall the USB Device Manager, uninstall the drivers of device from the list of programs, and then download the latest drivers from the manufacturer's website.

    Step 1:

    Uninstall the device from Device Manager

    • Open the Device Manager
    • Expand the USB section.
    • Find the USB device.
    • Click with the right button on USB and select Uninstall.
    • Select the check box delete the driver for this device.
    • Restart the computer after the uninstall is complete.

    Step 2:

    Uninstall the drivers of device from the list of programs in the control panel

    • Click Start, select Control Panel
    • Now, click on programs and select programs and features.
    • Find the USB.
    • Right-click USB driver and select Uninstall.
    • Restart the computer after the uninstall is complete.

    Step 3:

    Download and install the latest drivers for the USB on the manufacturer's Web site

    Hope it would help. If problem persists always post back with the current state of your computer and the result of the proposed suggestion, we will be happy to help you.

    Kind regards

  • BlackBerry software blackberry 10 data is not compatible with the version of the software of the device you are currently using

    Hello

    My update of 10.3.1.1565 sali writing entry to the top on my phone.  so I tried the downgrade to 10.2.1 to do all my files are gone, however I thought I was smart by making this morning during the execution of 10.3.1.1565 a full backup before attempting the downgrade to os 10.2.1 through BlackBerry Link

    In any case I had to restore my device to 10.3.1.1565 and now when I try to do a restore by using the .bbb (backup) I created to present IE get the following error message:

    BlackBerry 10 data is not compatible with the version of the software of the device you are currently using

    versions of the software on my phone now and the version of the software when I did my backup are exactly the same 10.3.1.1565.  I am able to restore my user files and applications ect, because it proposes to make a partial restoration,., but my contacts and don't forget files are now gone.  I NEED THEM.  How can I get that back...

    Help, please...

    Thank you

    Hello

    I thought about it.  so I thought I'd post.  Apparently the BlackBerry pulled the 10.3.1.1565 update.  Anway don't know what happened over butI usng Shenshi and grabbing an update of another carrier, after that, so I'm now able to do a full restore using my old BBB file.

  • Authentication VPN using ACS 5.2

    I want to use ACS 5.2 to authenticate VPN users and wireless.

    For VPN users, there is an internal group in the GBA box and an Active Directory group in AD.  I would like to be able to use both sources to authenticate VPN users.  Some VPN users will have local accts on the GBA, others AD box.  I'm having a hard time to rethink the policy.  It seems that I can get to use either AD or internal users, but not both.

    Creating identity store sequence and have internal user and AD in the Sequenece, refer to the attached screenshot and you can have this identity in the access policy, so both internal and external and AD store is checked

    Note: please rate the answer if it was helpful

Maybe you are looking for