03-20-2007 06:20 PM - edited 03-10-2019 03:03 PM
Have some network admins on remote site and need access to only certain routers. How do I configure this on my acs. I have already mapped cisco secure group with ad groups. How do I restrict cisco secure group access to only certain routers? Thanks guys.
03-21-2007 12:57 AM
Very easy
In the ACS groups you want to control create Network Access Restrictions (NARs). These work by listing either permitted or denied devices (or device groups).
You probably need to be using "IP Based" NARs in which case set the type to be "permitted" then add the devices (or device groups) that are allowed for that group.
If you can see NARs in group setup, goto Interface Config and enable them.
03-21-2007 03:19 AM
03-21-2007 06:29 AM
Thanks. Worked.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: