03-26-2008 05:30 AM - edited 03-10-2019 03:44 PM
Hi,
We have ACS 4.1 Integrated with our AD which is in use for our WLAN Users (PEAP Authentication & Easy VPN). We have configured our network devices to authenticate through ACS, the issue with current setup is that any user who is accessing the WLAN or VPN can access my network devices. We want only certain users to access the network devices. How can we achieve this...do anyone have an idea...if my question is not clear please revert back to me...
Rgd,
Haaris
03-28-2008 04:01 PM
Haaris,
You need to apply NAR's , please see this link,
http://www.cisco.com/en/US/products/sw/secursw/ps2086/products_white_paper09186a00801a8fd0.shtml
Regards,
~JG
Do rate helpful posts
04-07-2008 11:33 PM
Thanks alot...
I am reading the document, once I am done I will surely rate you if that works. I just had glimps on the documentation, in the last I have seen the below given, anything more to do additional than this document???
Known Issues with NAR
CSCea35303-Changing the network device group for network access server causes undetermined results
CSCea63816-NAR list size and field size limitation
CSCdz84451-Defining two NAS entries with identical IP address
CSCea28987-Enhancement request to NAR: Use nonsequential IP address definition
CSCea87466-Enhancement request to NAR: Use RADIUS attribute 66/67 in NAR
Regards,
04-10-2008 08:17 AM
Hey,
I've introduced NAR's for the same reasons as you and everything seems to working great. I just denied specific user groups to accessing specific device groups and it worked.
Craig
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: