Restrict group access to certain routers and switches ACS 4.1 solution eng.

Unanswered Question
Mar 20th, 2007

Have some network admins on remote site and need access to only certain routers. How do I configure this on my acs. I have already mapped cisco secure group with ad groups. How do I restrict cisco secure group access to only certain routers? Thanks guys.

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
darpotter Wed, 03/21/2007 - 00:57

Very easy

In the ACS groups you want to control create Network Access Restrictions (NARs). These work by listing either permitted or denied devices (or device groups).

You probably need to be using "IP Based" NARs in which case set the type to be "permitted" then add the devices (or device groups) that are allowed for that group.

If you can see NARs in group setup, goto Interface Config and enable them.


This Discussion