CiscoSecure ACS v3.1 - email separators?

All,

We would like to add more than one e-mail address to the ACS Email event logging using the:

Management System-> Management Service ACS

We tried the obvious delimiters between e-mail addresses, but they seem to all fail.

Can someone tell what to do to get event notifications sent to multiple e-mail addresses.

Kind regards

Fred.

AFAIK ACS will be able to send an email to a person, since he basically just send the Telnet to port 25 on any SMTP server you specify and cut/pastes, everything you typed in the To: field. If you telnet to port 25 on your SMTP server and:

HELO

MAIL to: [email protected] / * /; [email protected] / * /

(where "[email protected] / * /;") [email protected] / * /"(est exactement ce que vous avez tapé dans sur l'écran de config ACS) it will probably complain." There is nothing within the AEC to make suddenly send two emails using two different MAIL to: orders just because you entered a delimiter in the field.

Around that, the easiest method is to simply create an internal e-mail alias and send the email so that your SMTP server will then manage the distribution to that of this alias.

Tags: Cisco Security

Similar Questions

  • CiscoSecure ACS UCP request help needed

    I upgraded CiscoSecure ACS from 4.1 to 4.2, CiscoSecure ACS UCP running application that has been configured to install ACS 4.1, so I that I need to change the Application of UCP or it works perfectly?

    I check the logs of database replication it says "cannot replicate to"wirelesspwd"- server replies do not.

    Thank you

    ALMAS Sangaré

    Both should run on the same version so if you upgraded ACS version then you need to upgrade the UCP version too.

    UCP 4.2 installation guide

    http://www.Cisco.com/en/us/docs/net_mgmt/cisco_secure_access_control_server_for_windows/4.2/installation/guide/user_passwords/UCP.html

    Kind regards

    Jousset

    The rate of useful messages-

  • CiscoSecure ACS RADIUS logs upload on FTP Server v4.2

    Hello

    I use an appliance v4.2 CiscoSecure ACS, in this sort as RADIUS logs upload on FTP server because it has limitation for storing RADIUS logs.

    Please advice.

    Thank you

    AS

    You can only configure logging remotely. The Cisco Secure ACS Solution engine devices configured to use remote agent send the record directly on the logging of remote agent service, CSLogAgent data. CSLogAgent wrote logging hard disk data to the location specified by the configuration provider. The logs contain the columns specified by the configuration provider.

    http://www.Cisco.com/en/us/docs/net_mgmt/cisco_secure_access_control_server_for_windows/4.2/user/guide/LgsRpts.html#wp703058

    Jatin kone
    -Does the rate of useful messages-

  • Can ACS notify by Email when success of incremental backup?

    Hello

    Small question:

    Can Cisco ACS 5.8.1 inform us by e-mail if the full backup or incremental backup has completed successfully (or omitted)?

    I have Setup on Email value and parameters of the alarm system on GBA.

    Thank you

    Kind regards

    Arie

    Hi Arie,

    We'll get emails for backup no successful case and we will have no alarms for the success of conservation. We can see the backup status of the Scheduler page. Please see the details of the message link below.

    http://www.Cisco.com/c/en/us/TD/docs/net_mgmt/cisco_secure_access_contro...

    We will have the same alarms for the email too.

    Thank you

    Catherine

    Please evaluate the useful messages and mark the correct answers.

  • How to change ACS password expiry email messages?

    Hello

    Does anyone know how to change e-mail messages that can be set to be sent to notify users of password expiration 5.7 ACS?   I want to change the wording of the message, but it doesn't seem to be a center to do.     Is there a way to do it from the cli maybe?

    Thank you

    Chris

    Chris,

    The e-mail message can be customized in the GUI or the CLI.

  • CiscoSecure ACS 4.2 could not start due to failure of the services start bit

    There are few services that wasn't able to restart, they are as follows:-

    (1) CSAuth

    Error:-"Windows could not start the csauth on local computer. For more information, see the system event log. If it is

    a non-Microsoft service, contact the service vendor and refer to service 1060 "specific error code

    (2) CSTacacs

    Error:-"Windows failed to start the cstacacs on the local computer. For more information, see the system event log. If it is

    a non-Microsoft service, contact the service vendor and refer to service 1066 "specific error code

    (3) CSRadius = start

    the rest of services like CSAdmin, CSDbSync, case were lit.

    Also I am not able to take the acs system backup of the System Configuration-> ACS Backup and pressing backup now. It shows the msg of error as

    : - CSAuth service must be running to start the backup

    I was referring to the snapshots of the OS itself, but I guess you checked now.

    Do not forget that the case works so you should see logs for services that do not work. Learn about the \CSAuth\logs folder for logs CSAuth and other records for other services that do not work.

    There is a located here very detailed troubleshooting guide:

    http://www.Cisco.com/c/en/us/TD/docs/net_mgmt/cisco_secure_access_contro...

    This guide should help you solve the question if there is no other software on the server to cause trouble. One thing it says who can apply to you is to ensure that the Windows Firewall as connection sharing Internet is not ongoing.

    Because I am familiar with your server, I think you should do the quick test below for if sure there are not taken, which may be crashing the authentication services that you mentioned. In the command line, type "netstat - ano | Findstr Listening-i"and see if or not he has taken open your ports Ganymede + and radius. He will probably return false, but it's worth a check.

    Worst case scenario, you may be able to use CSUtil to back up the database (I'm fairly certain you can back up services that work), install the ACS on a new Windows 2003 server, and then restore. You can use CSUtil to many types of exports and operations as well.

    If you manage to deal with the problem or not, you should speak with the person who is responsible for making backups of your servers and make sure that something like this was coming once again that you can have a quick fix during a maintenance window.

  • CiscoSecure ACS 2.3 install

    I perform a migration from v2.3 to v4.1.

    I am able to download a trial version of 3.0 and 4.0... but I need to upgrade the v2.3 and I don't want to do a upgrade "on the spot", in case something goes wrong. I want to install 2.3 on another computer, copy the DB above, and then perform the upgrade.

    I can't find a copy of v2.3 for Windows NT on Cisco's Web site. Any ideas on where I can find it?

    Please give me your email id, I have it will ship to you. Also I would like to know if it's the 2.3.1 and 2.3.2,.3?

    Kind regards

    ~ JG

  • Cisco Secure ACS 3.3 (1)-> 4.0 upgrade problems (1)

    Hi all!

    I have problems updating my primary ACS since version 3.3-> 4.0

    I always get the following error message, then it does the upgrade:

    "The record of the CiscoSecure ACS seems to be blocked by another application: C:\Program Files\CiscoSecure ACS v3.3.

    Please close all applications... blabla... »

    The thing is, I have improved my ACS backup first, and this upgrade worked like a charm.

    In both cases, both for the primary and backup I do a takeover with Dameware remote, copied the ACS 4 folder on the hard disk of the server and make the upgrade of this folder.

    As I said, the upgrade of backup server worked without a hitch.

    That's what I tried:

    1. I checked that NO application use the 3.3 ACS file and no Explorer window is open on this folder or subfolders.

    I checked using a small program called Filemon.exe from Sysinternals. According to this program, anything accessed said folder.

    I also checked it again by renaming actually ACS 3.3 file once I stop all services of the ACS. I could not rename the folder if the services have been started.

    2. I tried to stop the ACS services first and then make the configuration, got the same error.

    3. I have disabled the antivirus software, got the same error.

    Basically I am at my wits end now...

    However, I have two options:

    1. uninstall ACS 3.3, do a clean install of ACS 4.0 and import the data of all the GBA backup.

    Who would not raise by the primary association with the ACS configuration backup? So I think I will need to go on it later and make changes, if necessary?

    2 make a backup of the ACS 3.3 with csutil b

    Uninstall ACS 3.3, do a clean install of ACS 4.0 and import all the data with csutil - r

    Would this work? I've seen conflicting information here in this forum, some say that it works, the other say it's not.

    I'm a little confused why it worked so well the GBA backup but fails on the primary ACS.

    Any help would be greatly appreciated!

    Thank you!

    Ivar Thorolfsson

    Hello

    Folder lock message often appears if newspapers located in the directory of the ACS are too big.

    Move the logs of the following directories: -.

    CSAdmin\Logs

    CSAuth\Logs

    CSDBSync\Logs

    CSLog\Logs

    CSMon\Logs

    CSRadius\Logs

    CSTacacs\Logs

    Newspapers

    Then try to upgrade.

    Kind regards

    Vivek

  • Dashboard ASA ASDM Cisco ACS

    Hi all

    We use CiscoSecure ACS 4.2 for AAA.

    In our ASA 8.2.5 ASDM 7.3 (1) 101, if connect us with user group privilege 5, we would be unable to see the dashboard of firewall for Top 10 Services / Sources / Destinations.

    Someone knows how to have the privilege of established, essentially the Group of users that we have only in read-only, but can see the Top 10 services/sources/destinations edge ASDM

    Thank you very much

    Hi David,

    Yes you are right with privilege 5 you would be able to make these changes.

    You can use one of two methods of authorization in order to work around this limitation:

    Local database: configure command on the security privilege levels
    device. When a local user authenticates with the enable command (or logs
    with the command login), the security apparatus put this user in the
    level of privilege that is defined in the local database. The user can then
    access controls at and below the user privilege level.

    Note You can use the authorization of local control without all the users in local
    without CLI and database or enable authentication. Instead, when you enter
    enable command, you enter the enable password and security
    device puts you in level 15. You can then create enable passwords for
    all levels, so that when you enter enable n (2 to 15), security
    device puts you in the level n. These levels is not used, unless you put
    local command authorization (see "setting up order Local
    Authorization ".
    http://www.Cisco.com/c/en/us/TD/docs/security/ASA/asa80/configuration/gu...

    GANYMEDE + server: GANYMEDE Server + (ACS), to configure the controls that can be used by a user or a group after they authenticate to access CLI. All the commands that a user enters in the CLI are verified with the GANYMEDE server +:

    http://www.Cisco.com/c/en/us/support/docs/security/secure-access-control...

    It will be useful.

    Kind regards

    Aditya

    Please evaluate the useful messages.

  • Interaction of Ganymede + and radius ACS 2.6 download PIX ACLs

    We have ACS v2.6 running and control our connection to remote, routers and switches access. We are now looking to add support for a PIX firewall internal and want to use downloadable ACS ACL for the PIX. (to control outbound traffic through the PIX for authenticated users)

    We have achieved this help attributes RADIUS of Cisco IOS/PIX

    [009\001] cisco-av-pair on ACS. (and ACL restrictions of access on access to users)

    However the problem we noticed is that any user is valid in our database of CiscoSecure or SecureID can authenticate and gain access to through the firewall, even if they are not allowed to do this (and as it is by default on PIX from inside to outside is allowed unlimited full access).

    Was then imposed restrictions on network access on the CiscoSecure ACS for our PIX - to allow only access of corresponding user groups, but it did not work with RADIUS only GANYMEDE + (I guess that's because the RADIUS does not support approval).

    We must work with GANYMEDE + and the passes of the ACS to the bottom of the ACL number/ID for the PIX for users allowed.

    Question: We want to use downloadable s ACL of ACS for the PIX (for reasons of central support) is possible using GANYMEDE + and if yes how we re CiscoSecure ACS suitable for the ACL example below;

    pix_int list access permit tcp any host 10.x.x.x eq 1022

    pix_int list access permit tcp any host 10.x.x.x eq 1023

    Thank you

    Download ACL works only with the RADIUS, as described here:

    http://www.Cisco.com/warp/public/110/atp52.html#new_per_user

    You can continue to set the ACL on the PIX itself and simply pass the ACL via GANYMEDE number (as shown here: http://www.cisco.com/warp/public/110/atp52.html#access_list), but you can actually spend the entire ACL down via GANYMEDE, sorry.

  • Problem connecting GANYMEDE on ACS 4.0

    I have configured the ACS area with a correct customer LAN infrastructure including client ip addresses to devices, a key, then assign authentication via GANYMEDE. I configured a test user in the local ACS internal database. Next, I set up a switch with the IP address of the ACS and the correct key. When I then try to connect to the switch he fails, and the following is recorded in the log of failed attempts of ACS:

    2007-08-29 11:39:22 authentic failed... Default group... (Default) Incompatibility of keys...... .. x.x.x.x.. .. .. .. .. Switches LAN LAN-Infrastructure

    I have triple checked that the keys are correct and yet fail reason is incompatibility of keys. I don't know if I have something bad in config or if there is a bug.

    Cisco switch configuration:

    AAA new-model

    connection of AAA 5 authentication attempts

    AAA authentication login default group Ganymede + local

    AAA authentication local console connection

    the AAA authentication enable default group Ganymede + activate

    AAA authorization exec default group Ganymede + authenticated if

    AAA authorization commands 15 default group Ganymede + authenticated if

    AAA authorization commands 15 no_tacacs no

    AAA accounting exec default start-stop Ganymede group.

    orders accounting AAA 15 by default start-stop Ganymede group.

    !

    RADIUS-server host x.x.x.x

    done - no radius-server request

    RADIUS-server key xxx

    Server RADIUS ports source-1645-1646

    Version of the ACS:

    CiscoSecure ACS

    Release 4.0 Build (1) 44

    What could be worng

    Please check,

    ACS network configuration---> NDG (where you have this switch)--->---> Change---> Remove key properties.

    NDG key replaces the key aaa client.

    Concerning

    ~ JG

  • ACS Remote Agent

    HI guys,.

    I installed the Remote Agent ACS on my AD controller. I can add the agent to ACS... but I do not see the Windows authentication avaiable in the agent...

    The Agent runs with a service account that has all rights AD.

    Anyone able to help?

    Make sure that this worm device software and remote agent are the same.

    To display the version of CSAgent.exe, type csagent.exe - v, and then press ENTER to command line

    C:\Program Files\Cisco\CiscoSecure ACS Agent\csagent

    Kind regards

    ~ JG

  • RADIUS does not not on Cisco ACS SE v4.1 (1)

    Hello

    I have a CiscoSecure ACS version 4.1 (1) build 23.

    I can't configure the Cisco ACS for granular control of access router. I have a Netopia Router that is configured to use RADIUS to authenticate remotely for a telnet connection. The router sends the request to access the Cisco ACS SE RADIUS and a sniff on the side of the ACS shows the application of GBA, but I see no response from the ACS. RADIUS authentication to work with a Windows 2003 server.

    I configured an AAA client and a user of the ACS and use the default group. I use IETF RADIUS. Should what attributes I configure. In Windows, I use Service Type framed and Framed-Protocol PPP. This does not work with the Cisco ACS SE. Nothing shows up in the newspapers. It shouldn't be so difficult, but for some reason I can't make it work.

    Thanks for any help.

    Jutta Kullmann

    Jutta,

    Good to know it works very well. Please mark this thread as solved so other can benefit from.

    Kind regards

    ~ JG

  • 4.2 ACS services does not

    The server is running Windows 2003 SP2 and due to a problem it has restarted. After you restart all services stopped working.

    CSAdmin, CSMon, and CSRadius hanging in State and case of departure in shutdown state. When I program the startuptype manual and began these services

    I got "failed to start the CSAdmin service on Local computer. Error 1053, that service has not responded to the application launch or control in a timely. "

    For the service case, it gives the error message "the service of cases on Local computer started and then stopped. Some service automatically stop if they

    "no work to do, for example, the service logs and alerts.

    In the eventviewer it shows "the description for the event (1) in Source (CiscoAAA) ID is not found. The local computer may not have the information necessary registry or message DLL files to display messages from a remote computer. You may be able to use the option/auxsource = flag to retrieve this description; For more information, see Help and Support. The following information is part of the event: CSAdmin, cannot initialize SchemeLayer, 74. »

    While the automatic startup type event viewer displays error below.

    "The description for the event (1) in Source (acs) ID is not found. The local computer may not have the information necessary registry or message DLL files to display messages from a remote computer. You may be able to use the option/auxsource = flag to retrieve this description; For more information, see Help and Support. The following information is part of the event: * ERROR * failed Assertion: 103401 (9.0.0.1271)

    Could not open the file (C:\Program Files\CiscoSecure ACS v4.2\CSDB\acs.db) who previously opened successfully; error = 32. the description for the event (1) in Source (acs) ID was not found. The local computer may not have the information necessary registry or message DLL files to display messages from a remote computer. You may be able to use the option/auxsource = flag to retrieve this description; For more information, see Help and Support. The following information is part of the event: * ERROR * failed Assertion: 103401 (9.0.0.1271)
    Could not open the file (C:\Program Files\CiscoSecure ACS v4.2\CSDB\acs.db) who previously opened successfully; error = 32. »

    Please help me solve this problem.

    Thank you

    Since we had no access to the ACS server. We tried to take backup of csutil but there was the schemalayer error message. As we stopped AV, logs files removed from the directory, killed services stuck from the Task Manager and restarting the server. If it's still not allowing you to restart services, most likely you need to take backup, uninstall the ACS server and reinstall the same version of ACS, followed by restore.

    ~ BR
    Jatin kone

    * Does the rate of useful messages *.

  • ACS 4.1 compatible with WLC 6.0.196.0

    Hello

    I have to upgrade our WLC4404s from version 4.2.207.0 to 6.0.196.0 so that our new 1142N APs are supported. Is someone can you please tell me if I am required to upgrade to Cisco Secure ACS version 4.1 and 4.2 to stay compatible (Windows) Please?

    The WLC 6.0.196.0 notes publication to State "this product has been tested with CiscoSecure ACS 4.2 and later and works with any RFC-compliant RADIUS server."

    Thank you

    Brodie

    An upgrade is not required for the current features continue to work. You only need to upgrade to 4.2 improvements. 4.1 conforms to the RFC.

Maybe you are looking for

  • recognition of loan boost

    Have a 2 GB SD card when the readyboost function was recognized when the first inserted.  Ready boost at that time there was not activated.  Now I want to use this feature, but this tab is not displayed.  How can you make this feature to reappear.  I

  • HP pavilion PC g6 noise and acoustics

    PC Audio and HiFi not installed

  • I can not get internet connection on my compaq Presario57! I must be close to my router!

    Me and my brother have a laptop. He can get internet anywhere in the House except me! I have to stay close to our router. Even if I get like 5 inches, I can't have internet connection! Someone help me please? I have a compaq Presario CQ5! This has ha

  • Call process BPEL PL/SQLand of input XSD to BPEL

    To call PL/SQL of BPEL processAlso the PLSQL block must input xml source BPELCan someone help me in this requirementAny piece of code sample is much appreciatedThanks in advance.Sandrine

  • How to prevent the nag upgrade tools?

    How to stop the attached message to appear?  I tried several things, I found here without solution.  Set tools.upgrade.policy = 'manual' in the vmx file does not help.  I also found a few registry changes (for guests), but no help.  The thing is that