08-09-2007 04:10 AM
with the installation of the newest ACS, for Radius authorisation the use of downloadable IP ACLs has been implemented.
However on the AS5350 I see that it does n't recognise this feature (I'm using the IOS 12.4.12, following the cisco site this feature should be known)
Can anybody tell me what I do have to configure on the AS5350, so that it recognises this attribute
ON the cisco site, I cannot find any link between these ACLs and the AS5350.
Thanks for helping me.
Ellen
08-13-2007 05:38 AM
Hi Ellen
I'll suggest to disregard the Downloadable ACL's. I'm mailing you an alternative way to configure this using 'cisco av-pair'
Go to 'Interface Configuration' ->'RADIUS (Cisco IOS/PIX)'
User Group [026/009/001] cisco-av-pair
Select cisco-av-pair on the Group basis.
Now Go to group settings for that group
Jump to -> RADIUS (CISCO IOS/PIX)
There under [009\001] cisco-av-pair , list box add the following:
Example :
ip:inacl#1=deny tcp 10.8.105.0 0.0.0.255 any eq http
ip:inacl#2=permit ip any any
Try this and let me know.
Regards,
~JG
Please rate if helps
09-03-2007 03:32 AM
Hi JG,
sorry for the late reply, but I was not in the office for 3 weeks.
The people that are managing the Radius server are not willing to implement AV pairs.
The want to to know whether downloadable ACL can be used with AS5350? (before wanting to try your alternative)
Can you tell me whether this feature is available with AS5350?
Thanks.
Ellen
09-04-2007 09:13 AM
Ellen,
On 5300 we need min IOS IOS 12.3(8)T or later to support it. I'm not sure if we have code for AS5350.
If you'd like to see some examples, here is a link which sort of describes some examples
of what the radius av-pair looks like.
http://www.cisco.com/en/US/partner/products/sw/iosswrel/ps5207/products_feat
ure_guide09186a00801ede8b.html#wp1047714
Else use inacl attribute:
http://www.cisco.com/en/US/partner/products/ps6350/products_command_referenc
e_chapter09186a008042f6b4.html#wp1017169
Regards,
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide