I am trying to get downloadable ACLs to a PIX firewall using ACS version 3.3 to PIX 6.3(4) IOS version.
Here is my config for the PIX:
aaa-server ACSACCESS protocol tacacs+
aaa-server ACSACCESS (inside) host 10.25.0.30 c0nn3ctm3 timeout 15
access-list 111 permit ip 10.25.61.0 255.255.255.0 any
aaa authentication match 111 outside ACSACCESS
The subnet 10.25.61.0 is the EZVPN DHCP pool allocated to the EZVPN users.
Here is a screen dump of the ACS server config:
The commands take OK, but when I access through the VPN I get my WINS, DNS, etc. but cannot browse the network.
The IP addressing has been changed due to me displaying this on the internet.