Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
483
Views
5
Helpful
1
Replies

Downloadable ACL for VPN users

Go to solution
abdullah-asi
Level 1
Level 1

‎06-28-2007 02:52 PM - edited ‎03-10-2019 03:14 PM

Hi,

I replaced Old pix with ASA (7.2). There were groups configured for remote VPN users authenticated through the ACS and ACS download a specific ACL for each group to the PIX. After replacement, Users cannot establish the VPN connection.After troubleshooting I discovered that Downloadable ACL were not working fine. When I disabled this option the tunnel established. When I return back to the old pix with the same configuration,it works fine with downloadable ACL option. I opened a TAC case and he said the ACS v3.0 (which i have) are not compatible with ASA. he didnt convince me really and he asked to try to use the AV pair option. I tried AV pair option with ASA and it was not working also. can you please advice.

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Premdeep Banga
Level 7
Level 7

‎06-28-2007 04:13 PM

Hi,

Check this out,

http://tools.cisco.com/Support/BugToolKit/search/getBugDetails.do?method=fetchBugDetails&bugId=CSCef21184

Also, 3.0 is very old, and I suppose in that version we had "Downloadable PIX ACLs" and not "Downloadable IP ACLs", On ASA Download able ACL will work but with "Downloadable IP ACLs" but not with "Downloadable PIX ACLs".

Regards,

Prem

View solution in original post

1 Reply 1

Go to solution
Premdeep Banga
Level 7
Level 7

‎06-28-2007 04:13 PM

Hi,

Check this out,

http://tools.cisco.com/Support/BugToolKit/search/getBugDetails.do?method=fetchBugDetails&bugId=CSCef21184

Also, 3.0 is very old, and I suppose in that version we had "Downloadable PIX ACLs" and not "Downloadable IP ACLs", On ASA Download able ACL will work but with "Downloadable IP ACLs" but not with "Downloadable PIX ACLs".

Regards,

Prem

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents