ACS 4.0 device
Hi all
I was wondering if anyone knows when the device product Cisco ACS 4.0 will be released in Australia. Version 4.0 of windows was released, but I'm still waiting for the version of the device.
Thank you
Cam
Last I heard, except a problem, will take place mid - Feb. Of course don't hold me to this, the date is not confirmed, and I will refuse any cross-examination :-)
Tags: Cisco Security
Similar Questions
-
Migration of ACS of the device to windows server
Hello
Is it possible to migrate the ACS 4.2 device to microsoft server 2003?
has tried it before?
R/g
There is no problem to migrate from the device of the CSA to ACS for windows.
If you wish to do this, it is best that your ACS for window running the same version of the code in form of ACS appliance.
You can do a backup on device ACS and restore it on ACS for windows.
-
Exporting customers ACS 4.2 devices
Is there a way where I can just export clients of a server and restore them on another?
Tehre may be a way to covnert the dmp file to another format, such as csv, then edit it and return dmp conversion?
Thank you
Hello MarekVanco
You can restore the AAA client by taking a backup of the original server file i.e. dmp and restore only 'system config Ciscosecure ACS'. It will only restore the network devices.
Please note: you cannot change the .dmp file.
Thank you
Nelson
-
5.3 and chenges wide ACS on network devices
Hi, I need to identify a way to modify a large number of ACS 5.3 network devices, name, type and location of update.
Exim is the best solution?
Thank you
Renato
Hello Renato.
Import/export is a good option already.
Another option are Python shell scripts:
http://www.Cisco.com/en/us/docs/net_mgmt/cisco_secure_access_control_system/5.3/SDK/cli_imp_exp.html
Kind regards
Federico
-
Configure the ACS 5.1 device to connect to the AD
Pls advise.
This is a new installation. I had to configure the ACS to connect to the ad to authenticate users and retrieve user information for the group as a result of step mapping.
Go to the users and identity stores > external identity stores > Active Directory and enter the domain name
appoint and give a name of user and password which will allow to connect to the domain. Then, click Test connection to validate join them the domain.
I got successful connection test. But when I click on save changes. I got error.
How has the problem been resolved?
Best regards
Boonkiat
It can be many things.
DCs how do you have in your area? They are all accessible by the ACS?
You return the SRV records for your ad?
-
The ACS 5.3 device name time and telnet
Dear all,
This is the place to discuss GBA, I need two entries more experts
ACSServer
Thu Sep 13 14:35:28 UTC 2012
pughaz
15
[CmdAV = Ganymede ip source-interface FastEthernet 0/1]
Device Type: all device Types: ROUTERS, location: all locations: MATERIAL DC NOT
On the above message
1 need to chang time UTC at IST
2. the device column does not appear the exact device name; I have telnet and config changed, is to show the name of the single unit group, how to get the exact device I appoint telnet on this message
Hello
You can change the zone through the cli:
For the exact syntax of zone-
Here is the command to do this-
As far as the name of the device does not, you can check the column settings and see if it can removed.
Thank you
Tarik Admani
* Please note the useful messages *. -
Ping on ACS 4.2 activation device HW.
Does anyone know how to activate the Ping on the GBA hardware appliance? I'm running 4.2.
---> ACS---> system---> configuration Device Configuration uncheck CSA---> Submit.
Now you should be able to ping.
Kind regards
~ JG
Note the useful messages
-
Hello
I have install ACS with a device group that covers a large number of devices on my network and I apply rights to this if necessary.
But now I need to give to a group of users access to a single device that is included in this group. I can't create a new device group to cover this unique device as the address overlaps. Is there a way that I do this without having to split my existing at least 3 volume group.
Hello
This can be achieved by using restricted access network (OAN) GBA.
By NAR, you can deny access permission/user/group based on device/NDG/NAF.
The following link can give you more details about it:
http://www.Cisco.com/en/us/products/sw/secursw/ps2086/products_white_paper09186a00801a8fd0.shtml
Note: If you do not get the option to NAR allow configuration of the interface.
~ Rohit
-
Cisco Secure ACS Solution Engine ping
1. I installed Cisco Secure ACS Solution Engine with V3.3 and I can access via the http port 2002 but I can't it ping from anywhere in the network, but the server can ping every thing, is this normal.
2. If I can't ping haw I can define the service keeplaive to load balance 2 ACS engine using CSS
By the way, I forgot that ACS 3.3 device has a CSA integrated. This agent is enabled by default. He explains why you can't ping it.
For enable/disable it, go to "System Setup Configuration - device. Toggle the checkbox enabled the CSA according to needs.
Rgds,
AK
-
Secure ACS unit and Remote Agents
Hello
We test Secure ACS 3.2 device and authentication against AD via remote agents. When two or more remote agents are registered with the device in the network menu, is the pretty smart device to try the second machine remote agent if she can't talk to the first? We tested this failover by stopping the service of the remote agent on the first domain controller where it has been installed. However, failover does not occur. We want to know if this failover is supposed to work, and if so what we need to do to make it work.
Yoshi Nagase
Hello
I implement a solution similar to yours... 2 ACS unit with 2 Remote Agent...
I set the remote agents on the Network Configuration and the external user DB - database of Windows - Windows Remote selection of the Agent.
In this menu the value primary and secondary Remote Agent
HTH
Omar
-
Error of org.xml ACS 5.3 Exception when executing reports
Hello
5.3 GBA running on a device of 1121
When you run a report's RADIUS authentication, accounting, etc. is all report, I get the error attached image (org.xml.sax.SAXParseException...). I have not yet found a solution. I'm running another ACS 5.2 device that does not have this error
If the upgrade to a newer version will solve this problem, the license (5.3) will suffice.
Any help is appreciated
Kind regards
MOE Shea
Hello Mo,
I have this error either a browser problem, I recommend you watch the ACS 5.3 release notes and confirm if you are currently using a supported browser:
http://www.Cisco.com/c/en/us/TD/docs/net_mgmt/cisco_secure_access_contro...
A restart of services can take care of it as well in case you are using a supported browser.
Note: Please mark as answer as appropriate
-
CS ACS Solution engine with external AD database
I have a client who has set up a CS ACS Solution engine (device). They currently have VPN tunnels that terminate on the SAA and the ACS provide authentication via an external database to the AD. I did the installation or configuration of the device and I'm new to ACS. There is a group in an ad that was created to allow access to the VPN, and it works. I created a second group in AD and a test user. The user account will not correctly authenticate when establishing a VPN session. I checked the agent ACS logs on the controller of the AD is to show that the user performs the authentication correctly, and it seems that the agent is not transmitting this information to the ACS. Alternatively, the ACS is ignorant. The GBA, the generated error is "external DB account Restriction." I can't find anything specific to this topic. I checked that the announcement represent works and can log on to a workstation. I checked the properties of account for the test account. I think it's related to the membership of the group. I have a group in ACS named exactly the same as the ad group and of the test account is a member of this group. I don't know where to start any help would be appreciated.
You must map this group
User to external databases > database group mapping > Datbase of Windows... section
A group of ACS, naming the group exactly the same as the Windows AD Group ACS establishes no relationship between them.
I guess that your all other combinations in the group mapping are mapped to one ' "group, OR to a group that is disabled.
Please ensure that the mapping of good group on ACS for the new group you created on AD.
If you move in the right direction, problem seems to reside in group mapping
Kind regards
Prem
-
Hello
We installed the new ACS 4.1 device. Its fine for all newspapers but newspapers for work permit do not come. I made the necessary configuration in the AAA clients. If anyone can help with that. I need to upgrade the application?
Pls suggest...!
Update and install with the latest patches available in cisco. It will work. Update 4.1.1 bulid 23.
-
Unit of ACS and agent remote test
Problems with unit ACS integration with Active Directory. Have installed the remote agent on a member server and the ACS unit can enumerate Active Directory groups correctly so there is at least some communication happening.
Looking at newspapers in the remote agent whenever a request for ad groups comes through see you the corresponding journal entries. When a user tries to authenticate that there is no future logs through the remote agent. So maybe it is not sent to remote agent?
In the authentication failed, connect GBA, the error is unknown user, it shows the correct username + domain name such as the person trying to authenticate.
Windows Server is configured for a unknown user policy.
Version of the ACS is 4.1.1.23, Remote Agent is the latest available version.
Any ideas or things to check?
Hello
According to the guidelines of your last line, it seems that the ACS and RA worm are not even. Please note that ACS and RA device software worm must be same or it won't work.
Kind regards
~ JG
-
Cisco ACS 4.2 1113 Recovery DVD
Nice day!
We have CSACSE-1113-k9 Cisco ACS 4.2 device 1113. And we need to reimage (restore the device to its original state). Can enyone help me with the correct link software.cisco.com image recovery DVDs?
I'm trying to find it, but I can't see recovery dvd:
Hello
As far as I know, you don't have the possibility to download cisco.com ACS recovery DVDs. You can contact Cisco TAC and they can publish the software for you.
Note If useful...
Kind regards
Kush
Maybe you are looking for
-
How can I remove 'Bar' of a document?
I crossed out through my entire document How it go down. I can not find a sign for him
-
During extraction of music from my cd to the library, I get an error msg saying: the data (including album art, track list, etc.) cannot be downloaded. This just started today (19/02/10) - this function has worked the day before. Any help appreci
-
Original title: fault of the Explorer How can I solve this problem. Sometimes when you try to open an attachment, I see this message: Windows could not perform this operation because the explore default e-mail client has not been installed correctly.
-
Update statement with multiple joints
HelloI use Oracle 12 c and here my Question:/*ledgerstb is an Oracle the ITO (TransNo column is the primary key)vledgerstb_gtt is a global temporary Tablevledgervc_gtt is a global temporary Table*/UPDATE(, SELECT ledgerstb. TransNoVC AS TransNoVC_Old
-
Migration of the old folios DPS - HTML resources
HelloIM migrating some old folios of DPSuite to DPSolution and may not know how to use the HTMLResources zip.The zip contained some PDF documents that I need to make a link to folios.Ive searched and read some threads (here and here) - on the one han