PIX by RADIUS and access user-list

Anyone knows if with Microsoft (IAS - RADIUS service) Internet Authentication Service

It is possible to use download the access list for the PIX (access by user list) firewall and how do I configure IAS for this feature.

Thanks in advance.

Yes, it is possible. Take a look at this link which explains how I could make it work:

http://www.Cisco.com/univercd/CC/TD/doc/product/iaabu/PIX/pix_62/config/mngacl.htm#33910

I don't remember all the steps I took to get the ISA server computer to return the string VSA CISCO specific (attribute 26), but you should be able to understand. I am, in any case, an expert of the IAS.

I hope this helps.

Scott

Tags: Cisco Security

Similar Questions

  • Flash Wrapper and access user-defined variables

    I'm working on creating a Flash AS3 wrapper to combine several files cpativate.  I am able to retrieve system variables, but I'm not able to recover the user-defined variables.  I have a variable that is defined by the user in my Captivate called passedScore, in my Flash script, I have the following...

    var mcLesson1:MovieClip;

    btnHit.addEventListener (MouseEvent.CLICK, test);

    var vLoader:Loader = new Loader();

    vLoader.contentLoaderInfo.addEventListener (Event.COMPLETE, swfLoaded);

    vLoader.load (new URLRequest ("untitled1.swf"));

    function swfLoaded(e:Event):void {}

    mcLesson1 = MovieClip (vLoader.contentLoaderInfo.content);

    vLoader.contentLoaderInfo.removeEventListener (Event.COMPLETE, swfLoaded);

    addChild (mcLesson1);

    }

    function test(event:MouseEvent):void

    {

    feedback1. Text = mcLesson1.cpInfoCourseName;

    feedback2. Text = mcLesson1.m_VarHandle.passedScore;

    }

    retroaction1 correctly displays the name of the course, however, for feedback2 it errors saying a term are indefinite (referring to m_VarHandle)

    try to use mcLesson1.cpEIGetValue ('m_VarHandle.passedScore');

  • I use firefox and tried to access the list of favorites. no luck?

    Have always used Yahoo mail, but had to change browser for firefox as yahoo is no longer supported my IE9 for yahoo mail. I want to continue with email from yahoo that I like. Now I can get email yahoo thanks to firefox, which is great. I want to access the list of the favourites in the firefox toolbar, but not luck.
    Can someone advise please.
    Mary

    Hello

    This should be simple enough to change;

    1. Press Alt and clear view.
    2. In this menu, select Toolbars, followed by the bookmarks toolbar.

    You can then the user details in this article to help manage your bookmarks. Everything that you put in the folder "Personal bar" should appear along the toolbar in Firefox for easy access when browsing the web.

    I hope this helps, but if not please come back here and we can look at another solution for you.

  • PC can see and access the laptop without asking for a user name and password but the laptop cannot access the PC because it asks me a username and password that I don't know.

    Vista - Windows 7 network connection. username and password is unknown.

    Hello

    I just got a laptop with windows 7 on it and I want to connect to my other PC for it, they are on the same network through a router. the PC can see and access the laptop without asking for a user name and password but the laptop cannot access the PC because it asks me a username and password that I don't know.

    If someone could answer this question, it would be great.

    Hello
    Maybe this can help.

    Win7 when configured on the peer-to-peer network has three types of configurations of sharing.

    Group residential network = only works between Win 7 computers. This type of configuration, it is very easy to entry level users to start sharing network.

    Working network = fundamentally similar to previous methods of sharing that allow you to control what, how and to whom the records would be shared with.

    Public share     = network Public (as Internet Café) in order to reduce security risks.

    For the best newspaper of the results of each computer screen system and together all computers on a network of the same name, while each computer has its own unique name.

    http://www.ezlan.NET/Win7/net_name.jpg

    Make sure that the software firewall on each computer allows free local traffic. If you use 3rd party Firewall on, Vista/XP Firewall Native should be disabled, and the active firewall has adjusted to your network numbers IP on what is sometimes called the Zone of confidence (see part 3 firewall instructions

    General example, http://www.ezlan.net/faq.html#trusted
    Please note that some 3rd party software firewall continue to block the same aspects it traffic Local, they are turned Off (disabled). If possible, configure the firewall correctly or completely uninstall to allow a clean flow of local network traffic. If the 3rd party software is uninstalled, or disables, make sure Windows native firewall is active .

    ------------------------------

    If your network consists only of Win 7 and you want a simple network, use it.

    http://Windows.Microsoft.com/en-us/Windows7/help/videos/sharing-files-with-HomeGroup

    After you have configured the homegroup, scroll to the bottom for the Permission/security section.

    -----------------------------

    Win 7 networking with other version of Windows as a work network.

    In the center of the network, by clicking on the type of network opens the window to the right.

    Choose your network type. Note the check box at the bottom and check/uncheck depending on your needs.

    http://www.ezlan.NET/Win7/net_type.jpg

    Win 7 - http://windows.microsoft.com/en-us/windows7/Networking-home-computers-running-different-versions-of-Windows

    Win 7 network sharing folder specific work - http://www.onecomputerguy.com/windows7/windows7_sharing.htm

    Vista file and printer sharing - http://technet.microsoft.com/en-us/library/bb727037.aspx

    Windows XP file sharing - http://support.microsoft.com/default.aspx?scid=kb;en-us;304040
    Sharing printer XP - http://www.microsoft.com/windowsxp/using/networking/expert/honeycutt_july2.mspx

    Setting Windows native firewall for sharing XP - http://support.microsoft.com/kb/875357
    Windows XP Patch for sharing with Vista (no need for XP - SP3) - http://support.microsoft.com/kb/922120

    When you have finished the configuration of the system, it is recommended to restart everything the router and all computers involved.

    -------------

    If you have authorization and security problems, check the following settings.

    Point to a folder that wants to share do right click and choose Properties.

    In the properties

    Click on the Security tab shown in the bellows of the photo on the right) and verify that users and their permissions (see photo below Centre and left) are configured correctly. Then do the same for the authorization tab.

    This screen shot is to Win 7, Vista menus are similar.

    http://www.ezlan.NET/Win7/permission-security.jpg

    The Security Panel and the authorization Panel, you need to highlight each user/group and consider that the authorization controls are verified correctly.

    When everything is OK, restart the network (router and computer).

    * Note . The groups and users listed in the screen-shoot are just an example. Your list will focus on how your system is configured.

    * Note . There must be specific users. All means all users who already have an account now as users. This does not mean everyone who feel they would like to connect.

    ---------------------

    *** Note. Some of the processes described above are made sake not for Windows, but to compensate for different routers and how their firmware works and stores information about computers that are networked.

    Jack-MVP Windows Networking. WWW.EZLAN.NET

  • Parental control: I am the admin of the computer and the computer won't let me access the list allow and block my child's account

    I am the administrator of the computer and the computer won't let me access the list allow and block my child's account.  I'll bring my parental control password, click on my childs account, put parental controls, go to web filter and click on block some web sites, click on edit the allow and block list and the computer tells me that it is not able to make changes to parental controls settings and see the system administrator if the problem persists.

    Hi Ranw,

    ·        What is the error message when you try to change parental controls?

    ·        Have you been able to make any changes on this computer from your account earlier?

    You can follow the steps below and check if you can make changes to the parental controls on your computer.

    Step 1:

    Disable UAC (User Account Control) and check the result. Access the link below and follow the steps to disable UAC.

    http://Windows.Microsoft.com/en-us/Windows-Vista/turn-user-account-control-on-or-off

    Note: You must restart your computer when you enable or disable UAC. Change levels of notification does not require that you restart your computer.

     

    Step 2:

    I suggest to create a new administrator account and log later in the new administrator account, try to set parental controls and check if it works.

    Create a user account:http://windows.microsoft.com/en-US/windows-vista/Create-a-user-account

    Check out the link below to check if the parental control is properly set:

    http://Windows.Microsoft.com/en-us/Windows-Vista/set-up-parental-controls

    I hope this helps. Let us know the result.

    Thank you and best regards,

     

    Srinivas R

    Microsoft technical support.

    Visit our Microsoft answers feedback Forum and let us know what you think.

  • WLC with ACS 5.1 (RADIUS) for management * AND * Network users

    Hello

    I have authentication RADIUS of installation for the users of the network AND management on my NM - WLC (5.2 ongoing execution) against ACS 5.1

    My Question is:-

    For users to log in to Admin, I need to come back "Service-Type = Administrative - User" in order to make it work.

    Because the ACS sees all applications from the same device (WLC) for Admin and network users,

    the way I am currently treats it is by creating a filter based on the user name

    Thus, users that contain 'admin' in their ID, use a set of

    Network access policy authorization, who has an authorization associated with the attributes RADIUS profile.

    Normal users have a ' network access policy authorization different rule ", with a different profile.

    While this DOES WORK fine, still me I was wondering if there is a better way to do it, rather than create a rule

    based on the user name.

    I could use GANYMEDE + for the management, but I don't think that ACS allows the same client AAA (WLC) to use both protocols.

    Thank you

    I think it's something very common for things to do

    You may notice that ACS 5 comes preinstalled with a selection policy of service that differentiates them the Protocol-based queries and orders or service 'Access to the network by default' or "Default Device Admin" out of the box

    If you want only to RAY can either disable or delete the rule for applications of GANYMEDE + or not choose GANYMEDE + in the definitions of the unit

  • Oracle query of relay and access function call does not return the list

    Thanks to aid in a previous post, I received, I created an oracle 10 g feature that returns the list after you run the sql code it contains. It works in oracle, using sql developer.

    I need to have the list that he returned to see the place in MS Access via a relay request. It does not work so far. The string for connection etc is ok, I'm able to use passthrough queries to run sql strings correctly. But when I try to call the function through the request of relay and access initially nothing seems to happen (IE no list) and if I try to run again, there is an "ongoing call odbc error. Current operation cancelled "." There are only three records in the table. I'm missing something, someone can he spot?

    The application of relay and looks like this

    Select * from fn_testvalues of the double

    Once that is running in oracle.

    To create the test table and 2 functions below.

    CREATE TABLE t_values (MyValue varchar2 (10));

    Table created
    INSERT INTO t_values)
    SELECT 'Merced' c1 FROM dual UNION ALL
    SELECT "Pixie" dual UNION ALL
    SELECT "452" DOUBLE);

    3 lines inserted
    FUNCTION to CREATE or REPLACE RETURN NUMBER IS fn_isnum(p_val VARCHAR2)
    n_val NUMBER;
    BEGIN
    n_val: = to_number (p_val);
    RETURN 1;
    EXCEPTION
    WHILE OTHERS THEN
    RETURN 0;
    END;
    /

    Feature created

    table test:
    SELECT val, isnum fn_isnum (MyValue)
    OF t_values;

    VAL ISNUM
    ---------- ----------
    Merced 0
    Pixie 0
    1 452

    Now the function that is called in the application of relay:

    create or replace function fn_testvalues
    sys_refcursor is back
    RC sys_refcursor;
    Start
    Open rc for
    Select t_values.*, fn_isnum (MyValue) t_values IsNum;
    Return (RC);

    end fn_testvalues;

    Why not?

    satyaki>
satyaki>select * from v$version;

BANNER
----------------------------------------------------------------
Oracle Database 10g Enterprise Edition Release 10.2.0.1.0 - Prod
PL/SQL Release 10.2.0.1.0 - Production
CORE    10.2.0.1.0      Production
TNS for Linux: Version 10.2.0.1.0 - Production
NLSRTL Version 10.2.0.1.0 - Production

Elapsed: 00:00:00.00
satyaki>
satyaki>
satyaki>create or replace view bb
  2  as
  3    select *
  4    from emp;

View created.

Elapsed: 00:00:00.00
satyaki>
satyaki>
satyaki>select * from bb;

     EMPNO ENAME      JOB              MGR HIREDATE         SAL       COMM     DEPTNO JOB1      DOB
---------- ---------- --------- ---------- --------- ---------- ---------- ---------- --------- ----
      7521 WARD       SALESMAN        7698 22-FEB-81     226.88        500         30 SALESMAN
      7654 MARTIN     SALESMAN        7698 28-SEP-81       1815       1400         30 SALESMAN
      7788 SCOTT      ANALYST         7566 19-APR-87     598.95                    20 ANALYST
      7839 KING       PRESIDENT            17-NOV-81       7260                    10 PRESIDENT
      7844 TURNER     SALESMAN        7698 08-SEP-81       2178          0         30 SALESMAN
      7876 ADAMS      CLERK           7788 23-MAY-87     159.72                    20 CLERK
      7900 JAMES      CLERK           7698 03-DEC-81     1379.4                    30 CLERK
      7902 FORD       ANALYST         7566 03-DEC-81    5270.76                    20 ANALYST
      7934 MILLER     CLERK           7782 23-JAN-82     1887.6                    10 CLERK
      7566 Smith      Manager         7839 23-JAN-82       1848          0         10 Manager   23-JAN-89
      7698 Glen       Manager         7839 23-JAN-82       1848          0         10 Manager   23-JAN-89

     EMPNO ENAME      JOB              MGR HIREDATE         SAL       COMM     DEPTNO JOB1      DOB
---------- ---------- --------- ---------- --------- ---------- ---------- ---------- --------- ----
         1 boock

12 rows selected.

Elapsed: 00:00:00.00
satyaki>
satyaki>
satyaki>select *
  2  from bb
  3  where empno = &eno;
Enter value for eno: 7521
old   3: where empno = &eno
new   3: where empno = 7521

     EMPNO ENAME      JOB              MGR HIREDATE         SAL       COMM     DEPTNO JOB1      DOB
---------- ---------- --------- ---------- --------- ---------- ---------- ---------- --------- ----
      7521 WARD       SALESMAN        7698 22-FEB-81     226.88        500         30 SALESMAN

Elapsed: 00:00:00.00
satyaki>
satyaki>

    Kind regards.

    LOULOU.

  • "Receive the error message" Microsoft (R) HTML Application host has encountered a problem and needs to close, etc. "when you access user accounts

    Original title: I can't access the accounts of users (XP).

    I can not access (XP) user accounts.  I get the message: "Microsoft (R) HTML Application host has encountered a problem and needs to close etc.."  The APPname is mshta.exe. I have this msg when I click on anything in the user accounts.

    1. What is the problem?
    2. what should I do to fix this?

    Hello Eric_984,

    Thank you for the question!

    It is disheartening to know that have problems you with user accounts. "As I understand it, you get an error message" Microsoft (R) HTML Application host has encountered a problem and needs to close etc. "when you access user accounts.

    I need to ask you a question to help you best.

    Were there any changes (hardware or software) to the computer before the show?

    Perform the steps in the link and check.

    Error message when you try to open the item user accounts in Control Panel on a Windows XP-based computer: "Microsoft HTML Application host has encountered a problem and needs to close."

    Answer to us if you are having problems with user accounts or any other issue of Windows, and I'd be happy to help you again and try to correct the problem as soon as possible.

    Good day!

    Hope this information helps.

  • "Unknown users" listed in properties and safety of a folder

    PROBLEM: "unknown users" are listed in the properties/security of a folder.

    I have Windows 7, 64-bit.

    The properties/security box from my "C:\Users\[my name]" folder lists two known as users
    "Account unknown (S-1-5-21-879640176-2077098734-2292519611-1001).
    and "Home Users", more legitimate users 'SYSTEM', 'Administrators', and
    "[my name]."

    After deleting the computer Acct limited, the 2 users are still listed.

    'S-1-5-21-879640176-2077098734-2292519611-1001' is not found by the Yahoo Search
    Engine. Windows specific engine search folder 'C:' and 'Users' research essentially
    indefinitely. For the folder named after me is nothing.

    Especially regarding'S-... ', this is the result of malware? Would the deletion or the other or both of these
    Users of harmful effects?

    Thank you.

    These inscriptions refer to the accounts that you have deleted from your computer. They are of no consequence, and they cause no harm.

  • How to reset the Status field and delete ToDo list outside the user interface?

    All, morning

    HR 802 generating WebHelp.

    I made use of the status field and ToDo List in the past. For my next release aid, I would like to reset these fields for all the subjects, so I can still have accurate reports as subjects of creation/revision of the final course.

    Is it possible to do without opening each topic in the user interface and compensation/change manual fields? (I thought to delete all fields of ToDo and recreate them, but thought that there is an easier way.) This information appears in each section or in a separate file?

    Thank you

    Patrick

    Hi Patrick

    1. Close all topics that can be opened in the editor.
    2. Open the pod of the list of topics.
    3. Select all subjects.
    4. Right-click and choose Properties from the subject.
    5. Click the status tab.
    6. Modify if needed.

    All subjects should change to reflect the new status and the task list settings.

    See you soon... Rick

    Useful and practical links

    Wish to RoboHelp form/Bug report form

    Begin to learn RoboHelp HTML 7 or 8 days - $24.95!

    Adobe Certified RoboHelp HTML Training

    SorcerStone blog

    RoboHelp EBooks

  • PIX 501 NAT and PAT with a single IP address

    Using the following configuration, on my first PIX 501, I am unable to provide a server of mail to the outside world and allows inside customers to browse the Internet. :

    6.3 (5) PIX version

    interface ethernet0 car

    interface ethernet1 100full

    ethernet0 nameif outside security0

    nameif ethernet1 inside the security100

    enable password xxxx

    passwd xxx

    hostname fw-sam-01

    SAM domain name

    fixup protocol dns-length maximum 512

    fixup protocol ftp 21

    fixup protocol h323 h225 1720

    fixup protocol h323 ras 1718-1719

    fixup protocol http 80

    fixup protocol rsh 514

    fixup protocol rtsp 554

    fixup protocol sip 5060

    fixup protocol sip udp 5060

    fixup protocol 2000 skinny

    No fixup not protocol smtp 25

    fixup protocol sqlnet 1521

    fixup protocol tftp 69

    names of

    outside access list permit tcp any host 62.x.x.109 eq smtp

    access the inside to allow tcp a whole list

    pager lines 24

    Outside 1500 MTU

    Within 1500 MTU

    IP address outside the 62.177.x.x.x.255.248

    IP address inside 192.168.45.1 255.255.255.0

    alarm action IP verification of information

    alarm action attack IP audit

    location of PDM 192.168.45.2 255.255.255.255 inside

    PDM logging 100 information

    history of PDM activate

    ARP timeout 14400

    Global 1 interface (outside)

    NAT (inside) 1 0.0.0.0 0.0.0.0 0 0

    public static 62.177.x.x.x.45.2 (Interior, exterior) mask subnet 255.255.255.255 0 0

    outside access-group in external interface

    group-access to the Interior in the interface inside

    Route outside 0.0.0.0 0.x.x.x.177.208.105 1

    Timeout xlate 0:05:00

    Timeout conn 01:00 half-closed 0:10:00 udp 0: CPP 02:00 0:10:00 01:00 h225

    H323 timeout 0:05:00 mgcp 0: sip from 05:00 0:30:00 sip_media 0:02:00

    Sip timeout - disconnect 0:02:00 prompt Protocol sip-0: 03:00

    Timeout, uauth 0:05:00 absolute

    GANYMEDE + Protocol Ganymede + AAA-server

    AAA-server GANYMEDE + 3 max-failed-attempts

    AAA-server GANYMEDE + deadtime 10

    RADIUS Protocol RADIUS AAA server

    AAA-server RADIUS 3 max-failed-attempts

    AAA-RADIUS deadtime 10 Server

    AAA-server local LOCAL Protocol

    Enable http server

    http 192.168.45.0 255.255.255.0 inside

    No snmp server location

    No snmp Server contact

    SNMP-Server Community public

    No trap to activate snmp Server

    enable floodguard

    Telnet 192.168.45.0 255.255.255.0 inside

    Telnet timeout 5

    SSH timeout 5

    Console timeout 0

    dhcpd lease 3600

    dhcpd ping_timeout 750

    : end

    It is I'am using access list and groups wrong or am I wrong in PAT/NAT configuration.

    Please advise...

    Hello

    I went through the ongoing discussion. The pix configuration should be fine for now according to suggestions. The problems seems to be on the server. If it is a new installation of windows, then there is an option not to accept requests that are not local network.

    If you want to check if pix allows connections and then when you telnet to port 25 of the outside, just run the xlates control.

    SH xlate and it should show you a translation for the inside host. More than a quick test if pix allows traffic is to check 'sho-outdoor access list' and see if the counters are increasing.

    Hopefully this should help you.

    Arun S.

  • PIX 525 config and VPN configuration

    Hello

    I was asked to work on a customer request to replave sound no cisco FW with a pix 525 and also lead to a VPN solution using this PIX 525.

    I'm not a FW as my main experience is with Routing/Switching, but I have read some documentation and had some hands on a client of vpn300 501 PIX and cisco.  I managed to make it appear the vpn connection, even if all tests have failed (you need to solve any further).

    Customer has its main site with an application that runs on a Web server that must be accessed only through the vpn to: 3rd party + a few remote users.

    The solution, I want to propose to the client is:

    option 1:

    PIX 525 as a vpn server + Cisco vpn 3000 client on all PCs of remote users.

    option 2:

    PIX 525 as a vpn server + vpn client windows on all PCs of remote users

    option 3:

    PIX 525 as vpn + PIX 501 to 3 rd party server + vpn client windows on all PCs of remote users

    First I want to confirm that these motions are feasible.  So which option should I go for knowing that the remote users are only about 10.

    Client doesn't no Ganymede or RADIUS should go for statis userid/pass set up on PIX525?

    Any idea, advice, suggestion is welcome.  Thanks in advance

    Kind regards

    ngtelecom

    Hello

    Option 1

    In my opinion, is the best solution because the PIX 525 will act as a firewall and the VPN server.

    Then, all the clients connect via VPN using Cisco's VPN IPsec client software.

    Option 2

    The advantage of this option is that you do not need to install VPN software on clients (not a problem, only 10 clients)

    The problem is that it does not come with split tunneling and don't provide as good protection as Cisco software.

    Option 3

    This is also valid, and you can do an EasyVPN connection where the 525 is the server and the 501 to the customer.

    Local authentication on the PIX 525 sounds great.

    As a recommendation, the PIX are EoS and the replacement are the ASAs.

    It will be useful.

    Federico.

  • I can't access some files because I did not 'Privileges '. How do I get and access?

    I had my hard drive crash. I inserted a new disc. I'm now trying to re - load my data files to an external hard drive where I do my backups. When I copy a file and try to access it, I learned that I do not haave access privileges. How can I access?

    1. Connect to the new machine with an administrator account.
    2. In Explorer, right-click on the drive and select "Properties".
    3. Select the security"" tab.
    4. Click on the "Edit" button below the list of the "group or user names.
    5. When Windows asks you "Windows needs your permission...". ', select 'continue '.
    6. Click the 'Add' button to add a new user.
    7. Type "Everyone" (without the quotes) in the box provided and click on "check names".
    8. Click OK.
    9. Now, select 'All' in the list in the "group or user names.
    10. Click on the 'Total control' box in the column "Allow", then click OK.
    11. It may take some time to complete.

    Otherwise, as an administrator, you can take ownership of all files and then transfer them and then to restore the permissions to the appropriate users once transfer complete.  I will describe these procedures in more detail if you need it - but procedures are doing a better job than I ever could.  Here are the procedures: http://www.nirmaltv.com/2008/07/11/how-to-take-ownership-of-files-and-folders-in-vista/.  But this process will make you the owner of all files and you will not be able to transfer the property to standard users (since they don't have sufficient privileges to appropriate).

    You should now be able to access the files and restore the backup (regardless of the method chosen).

    Once the files are restored, you may need to change the permissions so that all the user is not allowed to all files and the administrator is not the owner (I don't know if cela transfers, but I think that it doesn't).  You must configure the permissions as they were before--with each user with rights to its records, all deleted user and administrators with all rights for each folder (or you can skip this last part, because you can always get permissions if you need by taking possession and maybe users want that privacy for their files even administrators).

    Good luck and I hope this helps.

    Lorien - a - MCSE/MCSA/network + / A +.

  • Customer Pix unit inside and dmz networks

    Are there problems that prohibit a client to the unit to start connections to hosts on pix dmz networks and pix inside at the same time?

    You can provide a link that describes the side PIX of the two networks not only inside network access configuration?

    Oops, yes sorry, brain fade from me, do not take into account my first email. Your configuration would look like this:

    IP address inside 10.1.1.1 255.255.255.0

    IP dmz 172.16.1.1 255.255.255.0

    IP local pool vpnpool 192.168.1.1 - 192.168.1.254

    NAT (inside) 0-list of access nonatinside

    NAT (dmz) 0-list of access nonatdmz

    permit the 10.1.1.0 ip access list nonatinside 255.255.255.0 192.168.1.0 255.255.255.0

    permit ip 172.16.1.0 access list nonatdmz 255.255.255.0 192.168.1.0 255.255.255.0

    Hope that helps.

  • same host for radius and Ganymede

    Hello

    can I put a host (asa for example) twice in the acs Server? one for Ganymede to grant administrators access exec and the other for radius authenticate remote users.

    I don't want remote users to be able to get exec mode.

    Or how should I configure this?

    Yes, you can do it. Network configuration ON acs

    Add

    ASA---> 10.1.1.1---> Auth using Ganymede +.

    ASA1--> 10.1.1.1---> Auth using RADIUS

    Host name cannot be the same.

    Kind regards

    ~ JG

    Note the useful messages

Maybe you are looking for

  • hijacked keyword search

    For a long time, I was fortunately using smart search by keyword.For example I had loaded searches customized to the letters 'd', 'e', 'w '.All of a sudden, they lead to different destinations. Everything I tried to change their return - no luck.Plea

  • Pavilion HPE-110nl lost the physical memory

    Product name: HP Pavilion Elite HPE - 110nl desktop PC OS: Windows 7 Home Premium x 64 SP1 After an electricity break my PC had only 2008 total physical memory MB instead of the normal MB 6104. The memory is there (SIW Gabriel Topala, gives informati

  • Using C++ in QML classes

    Hello I'm trying to run an example of this page (https://developer.blackberry.com/cascades/documentation/dev/integrating_cpp_qml/index.html) on the "Using C++ Classes in QML. I have the following code as shown on this page: CombineCppAndQml::CombineC

  • Unable to activate Windows 7, error: product key is not valid

    Original title: activation WENT to ACTIVATE WINDOWS7 AND ITS TELLING ME PRODUCT KEY has BEEN BLOCKED from use by microsoft?

  • See the request previous aging bucket

    Hi all Work ERP Version 11.5.10.2 I need help, in my query to show the previous date segment. Please see the below query Select salesper_name client_name customer_number, TRX_NUMBER, amount_due_original,amount_due_remaining, gl_date, amount_remaining