VPDN static IP address assign by TACACS server (ACS 2.3 for UNIX)
Is it possible assign static IP address for VPDN users by TACACS server ?
If yes, please give me some ideas how to do it?
thanks,
bm
I think that is possible only while using CSACS for windows but not with CSACS for UNIX. Atleast I couldn't find anything in the documentation. (CiscoSecure ACS 2.3 for UNIX User Guide http://www.cisco.com/en/US/products/sw/secursw/ps4911/products_user_guide_book09186a00800eb438.html)
Similar Messages
-
IP address sent to TACACS server
Setup a TACACS server on out network to control console and telnet access to routers and switches. Most of our remote routers have multiple wan paths to the TACACS servers and may present a different IP address depending on which path is available or least busy. This causes an authentication failure that denies access to the equipment. Is there a way to configure the router to always send a specific address, either a loopback or internal LAN IP?
Hi
FYI,
Device Filter—Filters a network device (AAA client) that acts as a Policy Enforcement Point (PEP) to the end station based on the network device's IP address or name, or the network device group that it belongs to.
The device identifier can be the IP address or name of the device, or it can be based on the network device group to which the device belongs.
The IP address is a protocol-agnostic attribute of type IPv4 that contains a copy of the device IP address obtained from the request:
–In a RADIUS request, if Attribute 4 (NAS-IP-Address) is present, ACS obtains the IP address from Attribute 4; otherwise, if Attribute 32 (NAS-Identifier) is present, ACS obtains the IP address from Attribute 32, or it obtains the IP address from the packet that it receives.
–In a TACACS request, the IP address is obtained from the packet that ACS receives. -
How to set a static IP address on a Mac server?
I am setting up a New Mac server for a mail sever and have resieved the MX record and IP address from the ISP and DNS providers. Now I am trying to set up the server to be seen on the out side, or even on the network. Is this all done in the Network confiruration by maually setting the IP and Sub Mask there? I have set it all up to what I think they should be but not having any luck. When I installed the server software I told it to be a stand alone server was that wrong. I will not be running DNS or any other services on this system only Mail.
thanksYou should enter the IP address/netmask, etc. during the first-time-boot setup. Changing it later can be a PITA, but it sounds like you did that.
Setting 'standalone' shouldn't be an issue since that only relates to directory services.
It sounds like the problem is a more basic connectivity issue.
Have you verified that you have basic IP address connectivity? Can you ping the router address provided by your ISP? Can you ping remote sites outside your network? If that's not working you're not going to get much further. -
App Server Download/Extract Instruction for Unix needs Corrected
On the following page - http://www.oracle.com/technology/software/products/ias/htdocs/1013.html
the cpio command does not seem to be correct - it needs a -c flag for the checksum. Please correct.For which platform and which files?
If memory serves me, cpio -imd (or imdv) have before worked on Linux and AIX. -
Workaround for not having a static IP address? Just need to VPN into server
I work from home, and so do my partners. I recently bought a mac mini server, so that we will have 1 central computer where all the projects are stored. Now with me being a mobileme user, I of course have access to it no matter where I go. But for my partners, I need to provide them with VPN access so they can get to/store files on the server.
In order to do that, of course, I'm going to need a static IP address. Problem is, mediacom (worst service imaginable for ISP) won't provide a static IP address unless I upgrade to a business account. No thanks, dont feel like spending $80+ for only needing the static IP.
So I guess my question is this: Is there a way to get around using a static IP address? Any 3rd party software solutions, online services, etc available to me? I consider myself a novice, as I'm being forced into the position of being the "expert" on this now.
Thanks in advance for your help!
NoahYou need to use a dynamic DNS service. Check out http://www.dyndns.com for their free service. Others exist. Use Google and search for dynamic DNS. This will keep your host name in line with your changing IP address.
Hope this helps -
How do I connect an Airport Extreme to my ISP with a static IP address?
I have 5 static IP addresses from my ISP. The cable modem has five ethernet jacks. I run an ethernet cable from separate jacks on th cable modem to the devices listed next. I have one static IP address assigned to a Linksys wireless router for a MS network. Another is used by my VoIP router. I want to use a third static IP address for my Airport Extreme and set up a new network for a server running Leopard Server, iMacs, latptops. When I enter a static IP address in the Airport Extreme, I can't connect to the internet. Can anybody help?
When you configured your Airport Extreme with one of the five static (and public) IP addresses available to you - did you remember to also configure the Airport Extreme with your ISP's router (or "gateway") IP address as well as the IP address(es) of your ISP's domain name servers?
-
Can't get ipv6 address assigned correctly.
I use NetworkManager and dhclient for auto-configuration but it has some weird problems.
When I boot up my laptop, I only have chance to get access to ipv6 network, when I fail, I tried to delete the connection in Network Management Settings, and then added a new profile, disable and then enable the network again. Sometimes it works well, but sometimes it failed to auto-config.
If I use the command:
$ ip -6 rout
then I'll get the following message:
unreachable fe80::/64 dev lo proto kernel metric 256 error -101
fe80::/64 dev wlan0 proto kernel metric 256
default via fe80::2e0:2ff:fe54:59 dev wlan0 proto static metric 1
every time the default gateway is configured well, sometimes the address the address is missed , and if I do the following:
$ ping6 -I wlan0 -c 4 fe80::2e0:2ff:fe54:59
It responses normally.
PING fe80::2e0:2ff:fe54:59(fe80::2e0:2ff:fe54:59) from fe80::1034:56ff:fe78:9124 wlan0: 56 data bytes
64 bytes from fe80::2e0:2ff:fe54:59: icmp_seq=1 ttl=64 time=5.32 ms
64 bytes from fe80::2e0:2ff:fe54:59: icmp_seq=2 ttl=64 time=6.64 ms
64 bytes from fe80::2e0:2ff:fe54:59: icmp_seq=3 ttl=64 time=10.6 ms
64 bytes from fe80::2e0:2ff:fe54:59: icmp_seq=4 ttl=64 time=3.60 ms
--- fe80::2e0:2ff:fe54:59 ping statistics ---
4 packets transmitted, 4 received, 0% packet loss, time 3005ms
rtt min/avg/max/mdev = 3.603/6.546/10.617/2.587 ms
do the following:
$ ip -6 addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
3: wlan0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qlen 1000
inet6 2001:250:4400:d000::161/128 scope global
valid_lft forever preferred_lft forever
inet6 fe80::1034:56ff:fe78:9124/64 scope link
valid_lft forever preferred_lft forever
I found I just sometimes can get the ipv6 address start with 2001:
If the address is assigned, then:
$ ping6 ipv6.google.com
PING ipv6.google.com(ipv6.google.com) 56 data bytes
^C
--- ipv6.google.com ping statistics ---
11 packets transmitted, 0 received, 100% packet loss, time 10008ms
response nothing!
Then I switch into Windows 7, if something like above happened, then I managed to set the MAC address to a random value such as 12-34-56-78-91-23, soon, the problem will be corrected, I'll get a new ipv6 address assigned by DHCPv6 server. If I switch back to arch, set the MAC address in NetworkManager, it didn't have function at most time, and the ipv6 address even won't change!
Can anyone help me with this problem?
by the way, I never get ipv6 address when I use dhcpcd.bernarcher wrote:
Hello and welcome to the forums heliumhgy.
Just in case you are wondering where your post has been gone: The moderators board received this message from you:
I dont need tunnel to access to ipv6, My univ use dual-stack to get both ipv4 and v6 work around all campus.
This is because you inadvertently used the "Report" link. But don't worry this happens rather often.
Just cause I caught the glimpse of re-blabla, and mistaken it as reply
Last edited by heliumhgy (2012-11-29 03:16:11) -
Prime 1.4 - no aaa authentication tacacs+ server
Anybody know the equivalent command "no aaa authentication tacacs+ server" on PI 1.4. I saw this command on PI 2.2 but I can´t find something similar on 1.4.
Thanks in advanced.Check the following Command line manual for PI 1.4
http://www.cisco.com/c/en/us/td/docs/wireless/prime_infrastructure/1-4/command/reference/cli14.html
Apart from that I found this ,let me know if it helps.
Select a command
Add TACACS+ Server—See the “Add TACACS+ Server” section.
Delete TACACS+ Server—Select a server or servers to be deleted, select this command, and click Go to delete the server(s) from the database.
Add TACACS+ Server
Choose Administration > AAA > TACACS+ from the left sidebar menu to access this page. From the Select a command drop-down list choose Add TACACS+ Server , and click Go to access this page.
This page allows you to add a new TACACS+ server to Prime Infrastructure.
Server Address—IP address of the TACACS+ server being added.
Port—Controller port.
Shared Secret Format—ASCII or Hex.
Shared Secret—The shared secret that acts as a password to log in to the TACACS+ server.
Confirm Shared Secret—Reenter TACACS+ server shared secret.
Retransmit Timeout—Specify retransmission timeout value for a TACACS+ authentication request.
Retries—Number of retries allowed for authentication request. You can specify a value between 1 and 9.
Authentication Type—Two authentication protocols are provided. Password Authentication Protocol (PAP) and Challenge Handshake Authentication Protocol (CHAP).
Command Buttons
Submit
Cancel
Note • Enable the TACACS+ server with the AAA Mode Settings. See the “Configuring AAA Mode” section.
You can add only three servers at a time in Prime Infrastructure. -
Change to a "static" IP address impact time capsule backup?
It just hit me that another thing I've done since my last backup is change from the DHCP (?) IP assigning to a static IP address. Also set up some "port forwarding" for a few sites.
Could that be why time capsule is now forever "preparing?" I have added a lot of content but I let it sit for 24 hours with no change in status. I'm wondering if somehow the IP address is screwing this thing up. I don't think so but what do I know? =)
Thx.I'm not too familiar with FileMaker Pro, but if you like to give static IP addresses to anything you would have to use DHCP Reservations using Airport Utility.
Open Airport Utility, select the Time Capsule device, click Manual Setup, navigate the Internet icon, then the DHCP tab, you'll see DHCP Reservations towards the bottom. -
Configure RRAS with multiple public STATIC IP address
<p>I have Server 2012 Standard edition. I have two network cards installed. I have configure my server to be my router aka NAT BOX using Server 2k12 RRAS. We recently added more servers to our internal network. We needed more
Public Static IP address. Currently we had one and then upgrade to 5 with Time Warner. I configure my WAN NIC card on the server with the new Static IP address from TIME WARNER. How do I add the remaining ones to RRAS. THen i can use services tab to add that
static IP address with this port to that internal ip address which happens to be another server. </p><p>Currently when I add to the address pool tab couple my PC or servers gets kicked off the internet especially when I add the service
port and the public ip address from the public ip address pool and the internal ip address and the internal port. </p><p></p><p>Anyhow, what i am trying achieve here is NAT the remaining public IP Address to an internal ip
address. Only a certain ports such as SMTP Port, VPN port, pop3 port, HTTP port HTTPS ports. Can someone help me configure this on RRAS on server 2012</p>how can i do port forwarding with the address pool of public static IP address. Currently my Server 2012 is my acting router. I have NIC cards on there. One of the NIC is connected to the Cable Modem and the other NIC card is connected to the
switch. How can I use port forwarding with the other remaining public IP address. The reason is I have two exchange server in my internal network. Both can't be using the same ports so I got more public IP addresses. I just want to configure my RRAS
port forward 80, 443, 25, 110, 143 to both exchange server who have an internal ip address. In order to achieve that I need to have two public IP address.
Tell me if there is a solution. -
Hi
static mac-address x.x.x.x vlan xx interface f0/0 interface f0/1
if this packet come to switch, switch will send out two interface or load-share on each interface
ThanksHi,
For interface-id, specify the interface to which the received packet is forwarded. Valid interfaces include physical ports and port channels. For interface-id, specify the interface to which the received packet is forwarded. Valid interfaces include physical ports or port channels. For static multicast addresses, you can enter multiple interface IDs. For static unicast addresses, you can enter only one interface at a time, but you can enter the command multiple times with the same MAC address and VLAN ID.
Regards,
Pravin -
Not Able To Assign A Static IP Address To Windows 2008 64 bit Server
Hello Experts,
I've been trying to assign a static IP address to Windows 2008 R2 Server Virtual Box image. As soon as I assign static IP address to the image, either it hangs or says "Unidentified network".
I'm 100% sure that I'm using correct IP address, Gateway, Subnet mask and DNS Server details. If I use same settings on other linux virtual box, it is able get that static ip address. The issue is only with Windows 2008 image.
Here few more inputs that may help:
- Windows 2008 image has "Bridge" adapter.
- Host system is connected to corporate network via wired connection and NOT on VPN.
- If I use "Obtain IP address automatically" setting, then it is able to get a dynamic IP address and internet is working fine.
Questions:
1. Has anyone seen this issue before ?
2. Do I need to do any additional configuration on Windows 2008 server ?
Thanks,
GKHi,
Method 1: Uninstall and reinstall network drivers.
Method 2: If you have any anti-virus software, disable them.
You can also try set a static IP via neetsh commend.
How to Use the NETSH Command to Change from Static IP Address to DHCP in Windows 2000
http://support.microsoft.com/kb/257748
Hope this helps. -
How to assign static ip address to the server having solaris 10. i.e. nge0
hi,
how to assign static ip address to the server having solaris 10. i.e. nge0 i.e. 192.168.3.125 ipshold be persistantt across reboots. what steps do i need to follow to put all information including gateway,netmask etc..Also i want to integrate one init script ..can i integrate it using /etc/init.d/<service name> like linux. and do chkconfig on it?i am not getting complex procedure of SPF and FMRI etc..can u help me?Create a file in your /etc directory called hostname.nge0. Add the hostname of your system to this file. In your /etc/hosts file, assign the static IP address you want to the same hostname. You can then disable and enable the network-physical service to configure the network interface:
svcadm disable network-physical
svcadm enable network-physical -
Can I assign Airport Express to static IP Address?
Current setup - Airport Extreme attached to cable modem with 2 hard drives, Airport Express as print server in separate room with USB printer attached (just changed from Linksys with sometimes working NetGear print server). Clients accessing the network: 2 Windows XP, 1 Windows 7, iPads, iPhones, iPods, Apple TV, and sometimes a Mac Book.
The issue is that we don't keep the printing system on at all times (light switch with Express and printer plugged in); We dont't do much printing, and I print to pdf most of the time. As a result, the Express IP address changes every time it's turned on, requiring me to change the port settings on the printer properties before anyone can print. Is there a way to assign a static IP address to the Express so that I don't become tech support every time someone else in the house needs to print something?Is there a way to assign a static IP address to the Express so that I don't become tech support every time someone else in the house needs to print something?
Yes. The first order of business is to find the AirPort ID for the AirPort Express. You do this by opening AirPort Utility and clicking once on the Express. In the area to the right, jot down the AirPort ID.
Still in AirPort Utility, now click on the AirPort Extreme and click Manual Setup
Click the Internet icon
Click the DHCP tab below the Advanced icon
Look for the DHCP Reservations area and click on the + (plus) button at the bottom
Enter a description, for example AirPort Express
Click the MAC Address button and click Continue
Enter the AirPort ID in the MAC Address box
Assign the IP address you want the Express to use, for example 10.0.1.20
Click Done, then click Apply and the AirPort Extreme will restart
It would be a good idea to power cycle the entire network as follows:
Power everything down...all devices, order is not important
Power up the modem first, then AirPort Extreme, then Express, then devices -
How to Assign a Static IP address to VM created from VM template
Hello All,
I'm New to SCVMM, I have installed my SCVMM 2012 R2 in Lab environment and added 02 Hyper Servers on the same (One server is in domain & another one is in Perimeter Network). Once I added the Hyper-V's two Virtual
Network's has been detected in SCVMM.
Now I'm trying to create a new VM in each Hyper-V with a static IP address. I have created the VM template without connecting to any network, while creating the VM, below is my settings,
VMNetwork : VMPeri01 (Perimeter VM Network)
VM subnet : None
(Grayed out)
IP Address:
Clicked Static IP
IP Protocol version: IPV4 only
MAC address:
clicked Static (its showing 00:00:00:00:00:00)
Question: How can I assign the static IP to my New VM?
Note: I have created a static IP pool for the virtual network (w.r.t : http://www.virtualizationadmin.com/blogs/lowe/news/adding-an-ip-pool-to-vmm-2012-241.html)
Please help me to create the VM using Static IP (specific address now)While creating the VM choose the Virtual Network on the Hyper-V from the IP pool which you have created it wil take the IP during provisioning.
Maybe you are looking for
-
Can I use a different id (email) for my iOS Developer account than my iTunes account?
Hello, I am an iPhone and iPad app developer. I have a customer that would like to submit apps on their account. the problem is, they would like the iOS account to not be linked to their regular iTunes account, where they download all their music,etc
-
I have a 60GB iPod. I have several smart playlists that just do not sync. They don't show up in the list of playlists if I check the 'Sync Selected Playlists' button in the Music tab. I have just created a new playlist - it does not show up in that l
-
Is it possible to export the graphical display of a Query Result to .xls ?
Hi Guru's Is it possible to export the graphical display of a Query Result to .xls ? Please give me some assistance Points will be assigned Thanks and Regards Srikanth
-
hai, what is the purpose of SLIS_T_FIELDCAT_ALV.
-
Where do i go to have ipod repaired...
i need a lot of help. I need to know where i can go to have my ipod 5th generation 30 gb repaired. It would be nice if it wouldn't cost too much. If it is unavoidable to pay, then thats fine with me then. The problem is that the LCD screen is cracked