Cisco ACS 1113 appliance v4.1 - integration of RSA Securid v6.1

The Windows of Cisco ACS version seems to have the ability of integration with RSA Securid its listed in external databases. It can also support the SDI Protocol if you install the agent on the Windows ACS platform. I need to use a Cisco ACS 1113 but RSA Securid does not appear in the section external databases. This mean that I won't be able to use the SDI Protocol only available RADIUS.

And Yes you are right,

With ACS, we need to configure using RADIUS, on ACS SE it won't work with SDI.

Kind regards

Prem

Tags: Cisco Security

Similar Questions

  • Does Cisco ACS 1113 v4.2 device work with Windows 2008

    Hello

    I have a wireless currently in production infrastructure. All my Cisco LWAP is managed by Cisco WLC. Authentication is done via RADIUS through my device Cisco ACS 1113 running on version 4.2. The Cisco ACS 1113 device communicates with my Windows 2003 Active Directory. Everything is good now.

    Next month, we plan to update Active Directory from Windows 2003 to Windows 2008? Will be all fine and good, or will it be questions? Please advice kindly.

    I saw another post in this community that the States https://supportforums.cisco.com/thread/1003597?tstart=0. I am now confused. Help, please.

    Kind regards

    RAM

    + 60122918870

    ACS 4.2 does not work with Windows 2008R2.  I had a case of TAC open about this, and basically, they told me that I had to switch to 5.2 ACS.   I've been doing demonstrations there and it authenticates with Windows2008R2 very well.

  • Cisco ACS 1113 v4.0.1.44 possibilities of reproduction have 1120 and 2nd 1113

    Hello

    We currently have 1 ACS SE 1113 running the 4.0.1.44 version that we are unable to take the Live service and we want to install a 2nd one for replication and resilience (and have the resilient pair running the 4.2.0.124 version).

    We had the following put at our disposal for this purpose an ACS SE 1113 and a CSACS 1120 times 4.2.0.124 the version currently running.

    Could you please tell if the following downgrade/upgrade process is valid (I see that the CSACS1120 does not suppot version 4.0 or 4.1).

    1. the downgrade 2nd ACS SE 1113 to version 4.0.1.44

    2. the replication between the 1113 establishment is so we now have our on-line data on both boxes.

    3. take the primary ACS out of service and confirm secondary now handles all requests.

    3. switch to level our primary ACS to version 4.1, then to the 4.2.0.124 version

    4. bring the ACS primary in-service and see works then take secondary ACS decommissioned for upgrade to version 4.1 and 4.2.0.124

    5 confirm replication now working at the 4.2.0124 version.

    Are there other methods possible to migrate our existing data directly from our existing of 1113 to one of the other devices (1113 and 1120) 4.2.0.124 running without going through the process of decommissioning/updated above.

    Thanks in advance for your help.

    Jim.

    Hi Jim,.

    I understand that you have 3 devices - 2 ACS ACS 1113 and 1120 1.

    ACS1 - 1113 4.0.1.44 - running in production.

    ACS2 - 1113 4.2.0.124 - lab running.

    ACS3 - 1120 4.2.0.124 - running in the laboratory.

    You want to configure the replication in the production environment and the transfer of the backup of the ACS1 to 4.2.0.124.

    The path mentioned in the post is correct.

    You can try to do the following:

    take backup of the ACS1. Install ACS for windows 4.0.1.44 in the laboratory. Restore the backup of the ACS1. Upgrade the windows of the ACS to 4.1.1.24 and then to 4.2.0.124 in maintaining the database.

    Restore the database on ACS2 and ACS3. Configure replication for ACS2 and ACS3.

    Take a time out and replace ACS1 with the pair of replication of ACS2 and ACS3.

    I hope this helps.

    Kind regards

    Anisha

    P.S.: Please mark this message as answered if you feel that your query is resolved. Note the useful messages.

  • Integration appliance ACS 1113 with RSA-Urgent

    Hi Experts,

    I got the following steps to install the fix on ACS 1113 V 4.0 Box.

    Instructions on how to install the patch

    ========================================

    1 extract the ACS CSAuth.exe - 4.0.1 - RSA - SW -CSCsc12614- CSCsd41866.zip

    2 stop the CSAuth service

    3. locate \bin and save a copy of the current CSAuth.exe

    4. copy the extracted the zip to \bin CSAuth.exe new

    5 start the CSAuth service

    In step 3, it was mentioned that locate \bin and save a copy of the current CSAuth.exe (i.e. on device ACS 1113). Could someone help me with the steps to locate the ACS ACS 1113 unit dir.

    Thank you

    Smail

    Satish,

    These steps are for windows-based acs. For the steps of the device are different. You need patch for the device.

    Steps to download for device attached is patch

    You can download the patch from the unit of

    http://www.Cisco.com/cgi-bin/tablebuild.pl/ACS-Soleng-3DES

    Please note if assistance

    Kind regards

    ~ JG

  • Cisco ACS 4.2 1113 Recovery DVD

    Nice day!

    We have CSACSE-1113-k9 Cisco ACS 4.2 device 1113. And we need to reimage (restore the device to its original state). Can enyone help me with the correct link software.cisco.com image recovery DVDs?

    I'm trying to find it, but I can't see recovery dvd:

    Hello

    As far as I know, you don't have the possibility to download cisco.com ACS recovery DVDs. You can contact Cisco TAC and they can publish the software for you.

    Note If useful...

    Kind regards

    Kush

  • Integration of Cisco ACS and Cisco NAC Manager - downloadable ACLs

    Hello

    I have Setup Cisco NAC in my environment. These are all works well. The users themselves will get authenticated via Cisco NAC Manager. The Cisco NAC Manager meets with Cisco ACS for the part of the user database. These are all works well. I would like to activate downloadable ACLs. I tried to use the CISCO-AV-PAIR method and creating a downloadable ACL entry in the shared components, but nothing works. It's either I'm doing wrong or this configuration of the mine does not support downloadable ACLs? Please advice kindly.

    Kind regards

    RAM

    + 6 012-2918870

    Hello

    It is not possible.

    You cannot push the ACL in the NAC manager.

    If you make the Radius of NAC authentication manager, you can do is create roles the NAC Manager, and on the roles you define traffic strategies.

    Using the Radius attributes you can then map users to roles.

    Please, take a look at this:

    http://www.cisco.com/en/US/docs/security/nac/appliance/configuration_guide/48/cam/m_auth.html#wp1158789.

    HTH,

    Tiago

    --

    If this helps you or answers to your question if it you please mark it as 'responded' or write it down, if other users can easily find it.

  • Cisco ACS appliance takes long to start after initial config

    Hello

    I'll put up 2 ACS (1113 HW, SW 4.1) devices. After the initial configuration (IP address, admin pass etc.) and reboot, the devices do not seem to start or close the login prompt (even after a start of the night).

    What could be the problem with the device or my patience?

    Hello

    If you get something like from console windows,

    Then, make sure that you use less than 15 characters without spaces unit name.

    Kind regards

    Prem

  • Upgrade to Cisco acs 1120 to 4.2.1.15 help

    Hi all

    I downgrade of cisco device 1120 DCC acs 4.2.0.124 5.0, I need to upgrade to acs 4.2.1.15. Is device 1120 cisco acs supports 4.2.1.15, how do I upgrade 4.2.0.124 4.2.1.15.

    There are any server distribution for the upgrade. Please suggest on this, thank you

    Yes, you can upgrade it to 4.2.1.15 and you can download the version from the link below listed;

    http://Tools.Cisco.com/Squish/d4e4A

    Here are the files you need to download:

    ACSse-Upgrade-Pkg-acs-v4.2.1.15-K9.zip

    ACSse-Upgrade-Pkg-appl-mng-v4.2.1.15-K9.zip

    : Note apply the upgrade of management first and then software update. ..

    Distribution server is a machine where you can download the patch on the Cisco Secure ACS Appliance, so if you download the version on your laptop and download then only one distributor (nothing special)

    Upgrade an application of 4.2.1.15

    http://www.Cisco.com/en/us/partner/docs/net_mgmt/cisco_secure_access_control_server_for_solution_engine/4.2.1/Installation_Guide/solution_engine/upgap.html#wp1148376

    I hope this helps.

    Rgds, jousset

    Note the useful posts ~

  • connection via Cisco ACS 5.0 limit

    Hi all

    My infrastrucer wireless a few days ago I deploy Cisco ACS 5.0 with Active directory integration. My wireless users are connecting through web authentication process. The authentication process is gone through AD & his works very well. But I want to work on my 5.0 ACS that a user cannot simultaneously connect several devices at a time.

    Hello Sabine,.

    'max sessions' featre introduced acs 5.3.

    Maximum user sessions

    For optimal performance, you can limit the number of concurrent users to access the network resources. ACS 5.3 imposes limits on the number of simultaneous sessions of service by the user.

    The limits are defined in several different ways. You can set limits to the user level or at the level of the group. Depending on the configurations of the user's maximum session, the session number is applied to the user.

    IMPORTANT: for maximum sessions work for access of the user, the administrator must configure RADIUS account management.

    You can go through the link listed for more information below:

    http://www.Cisco.com/en/us/docs/net_mgmt/cisco_secure_access_control_system/5.3/user/guide/access_policies.html#wp1176806

    The code that you're using now ACS 5.0 is not recommended for a production environment. You need to upgrade the ACS to achieve the functionality of session max.

    Jatin kone
    -Does the rate of useful messages-

  • Cisco ACS 5.3 connect to multiple identity stores / external database?

    Hello

    I understand that Cisco Secure ACS 5.3 supports integration with the existing external identity repositories such as LDAP and Active Directory Windows servers. In fact, in my environment, my ACS 5.3 is now integrated with AD and RSA.

    My question is can Cisco Secure ACS 5.3 integrate with "several" WIndows AD, LDAP, RSA server etc.? If so, is there a document from Cisco saying this? The key word here is multipple. Please help with kindness.

    You can only authenticate against an Active Directory domain. If you have users from several domains, the domain that you configure in ISE must approve other areas.

    On the other hand, if you use regular LDAP so it supports multiple LDAP servers.

    It may be useful

  • TLS v1.2 on Cisco ACS 5.7

    Hello

    V1.2 TLS is supported on Cisco ACS 5.7 appliance virtual?

    If this isn't the case, you know were I can check it out?

    Thank you!!!

    Unfortunately, 5.7 ACS don't supports TLS v1.2

    We filed an enhancement request to support.

    CSCuu29920    ENH: Add support for TLS 1.2 on ACS 5.X

    Kind regards

    ~ Jousset

  • This version of Cisco Adaptive Security Appliance Software Version 9.6 (1) 5 is affected by Cisco Adaptive Security Appliance SNMP Remote Code execution vulnerability and Cisco Adaptive Security Appliance CLI Remote Code execution vulnerability of

    This version of Cisco Adaptive Security Appliance Software Version 9.6 (1) 5 is affected by Cisco Adaptive Security Appliance SNMP Remote Code execution vulnerability and Cisco Adaptive Security Appliance CLI Remote Code execution vulnerability of

    Hi vrian_colaba,

    You can take a look at cisco's Advisory here:

    https://Tools.Cisco.com/Security/Center/content/CiscoSecurityAdvisory/CI...

    Fixed versions

    Cisco ASA Major Release  First version fixed
    7.2 Affected; migrate to 9.1.7(9) or later
    8.0 Affected; migrate to 9.1.7(9) or later
    8.1 Affected; migrate to 9.1.7(9) or later
    8.2 Affected; migrate to 9.1.7(9) or later
    8.3 Affected; migrate to 9.1.7(9) or later
    8.4 Affected; migrate to 9.1.7(9) or later
    8.5 Affected; migrate to 9.1.7(9) or later
    8.6 Affected; migrate to 9.1.7(9) or later
    8.7 Affected; migrate to 9.1.7(9) or later
    9.0 9.0.4 (40)
    9.1 9.1.7(9)
    9.2 9.2.4 (14)
    9.3 9.3.3 (10)
    9.4 9.4.3(8) ETA 26/08/2016
    9.5 9.5 (3) ETA 30/08/2016
    9.6 (DFT) 9.6.1 (11) / 6.0.1(2) FTD
    9.6 (ASA) 9.6.2

    5 9.6 (1) is not part of the fixed versions, this means that is assigned for the SNMP Remote Code execution vulnerability.

    Cisco Adaptive Security Appliance CLI Remote Code vulnerability to run you can also take a look at cisco's Advisory here:

    https://Tools.Cisco.com/Security/Center/content/CiscoSecurityAdvisory/CI...

    Fixed versions

    The following table shows the first software versions that include fixes for this vulnerability (9.6 is not affected)

    Cisco ASA Major Release First version fixed
    7.2 Affected, migrate to 8.4 (3) or later
    8.0 Affected, migrate to 8.4 (3) or later
    8.1 Affected, migrate to 8.4 (3) or later
    8.2 Affected, migrate to 8.4 (3) or later
    8.3 Affected, migrate to 8.4 (3) or later
    8.4 8.4 (3)
    8.5 Affected, migrate to 9.0 (1) or later version
    8.6 Affected, migrate to 9.0 (1) or later version
    8.7 Affected, migrate to 9.0 (1) or later version
    9.0 9.0 (1)
    9.1 Not affected
    9.2 Not affected
    9.3 Not affected
    9.4 Not affected
    9.5 Not affected
    9.6 Not affected

    Hope this info helps!

    Note If you help!

    -JP-

  • Problem with certifcate on Cisco ACS

    We want to authenticate our internal wireless users using our Cisco ACS running 5.3.  GBA questions our Active Directory environment for the user name and password provided.  I created a CSR on GBA and it provided to Entrust.  They gave me a root certificate, string and server.  I've linked the server certificate to the CSR under System Administration > Local Server Certificates > local certificates.  I then added the chain and the root certificates to the users of the site and identity stores > autorit├⌐s.  When I try to connect to a laptop client he asks a user name and password, but after entering this information, I am presented with the warning on this certificate below.  This certificate is to Entrust and I see the certificate root in the root store on the laptop.  Any ideas what would cause this.  TAC does not seem to have all the answers.  They say it's a problem of the client machine.

    In case you want to check your configuration settings.

    http://www.Cisco.com/en/us/products/ps10315/products_configuration_example09186a0080bd1100.shtml

    ~ BR
    Jatin kone

    * Does the rate of useful messages *.

  • Cisco ACS server

    Hello

    I currently have a Cisco ACS 3.3 Server. I want to upgrade the server to the latest version and cluster with one another so that we can have a redundant infrastructure because if one fails it also includes...

    Can provide you a solution for this?

    Thank you

    Hello

    The latest version is 4.1 ACS. You can upgrade 3.3.3 build 11 directly to 4.1.

    Then, you can install an another ACS 4.1 on a different machine and replication configuration between these two. In this way, you will need to make changes to only one that ACS and the secondary will be automatically updated.

    Once these two are defined, you can set both of these servers as a server Radius/Ganymede on devices and there will be a redundancy.

    Kind regards

    Vivek

  • How can I use Cisco ACS to save Shell commands

    Hi guys, pleeeease how can I configure Cisco ACS to do command authorization on my Cisco 3660 router. I get the accounting logs and authentication but no newspaper that show orders issued by users - shell and it's the most important paper that I need. I read materails and download articles on the site of Cisco... but the thing is still does not give me the papers.

    I have these lines on my router:

    ...

    AAA authorization config-commands

    AAA authorization exec default group Ganymede +.

    AAA authorization commands 15 default authenticated if

    AAA authorization network default group Ganymede +.

    ...

    It's funny, when I turn on debugging of the authorization of the AAA on the router, it shows me every command being sent by the user on the debug log. But nothing shows under Administration TACAC + on the Cisco Secure ACS. What is responsible for this?

    *****************************************************

    I installed the trial version of the Cisco ACS 90 days and made all necessary settings and I have to say I like what I see already. I'm opening moves to recommend the product to purchase. Thank you guys, I got about the features of this ACS software through this forum, keep up the good work. I recommend the software for those who need to have adapted to the management reports Security Audit logs.

    If I understand what you're asking correctly, the answer is not in the authorization, that it is in accounting. I set up on my routers and send to ACS orders that level 15 privilege users enter on the router.

    orders accounting AAA 15 by default start-stop Ganymede group.

Maybe you are looking for