VPN3k Group Authorization and ACS

Unanswered Question
Feb 12th, 2008
User Badges:

I have a VPN3030 and a Cisco ACS 4.1 SE. I'm using WebVPN and want the URLs displayed to the remote access user to be dependent on the group w/in ACS. I created four external groups w/in the VPN3k and the URLs under each group. I also created the groups in ACS and the users w/in those groups. I tried adding “OU=groupname;” for IETF attribute #25, when I do that, the user authentication fails and in ACS I see the failure and a passed authentication. If I disable attribute 25 or disable authorization, I can authenticate but only get what's defined in the base group. What am I missing?

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)


This Discussion