02-23-2007 02:51 AM - edited 03-10-2019 03:00 PM
If I have configured downloadable ACL on ACS group, then one of the users who is belong to same group has assign particular ACL on his profile.
Which one will be pushed to the router is it the group ACL or user ACL
Many Thanks
02-23-2007 04:33 AM
Hi,
User profile takes precedence over group profile. So user ACL will be pushed.
Regards,
Vivek
03-01-2007 08:55 AM
aalshammari,
is your DACL working? Is it configured on PIX?
I am trying but getting an error on the PIX like "can't find authorization ACL". I have posted in detailed under topic "Downloadable ACL".
Appreciate any help.
03-01-2007 09:12 AM
Update.....
I do see in ACS logs that Authentication failed for ACL where username is the ACL name sent by PIX. (#ACSACL#-IP-myACL-45e6c605).
The failure code is "DACL request from device is not acceptable"
I guess ACS is denying but WHY?
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide