08-20-2008 05:21 AM - edited 03-10-2019 04:02 PM
Hello,
I need syntax on how to create an ACL and apply it to a user (example: deny host 192.168.1.5 / 192.168.1.9 / all all).
08-20-2008 06:46 AM
On which device? ASA, VPNC?
Regards
Farrukh
08-20-2008 12:24 PM
On ACS Server; under download ACL
08-20-2008 06:33 PM
That's cool, but which device do you want to download the ACLs to? The AAA Client? Router, ASA?
Regards
Farrukh
08-20-2008 11:28 PM
Thanks ...
It's Router and ASA
08-20-2008 11:56 PM
This is the link for the IOS:
http://www.cisco.com/en/US/products/sw/secursw/ps1018/products_tech_note09186a0080094eb0.shtml
Here is the link for the ASA:
http://www.cisco.com/application/pdf/paws/8527/atp52.pdf
(Pg 14 and onwards)
Regards
Farrukh
08-21-2008 12:46 AM
Thanks Happs.
But this is not my requirement.
I want to allow a specific host for a specific user by using an ACL on the ACS box.
Let me give you an example:
A remote-access user gets authenticated via ACS and should be allowed to access a specific host on the network (only allowed to access Data-Server on the network, i.e. host IP 192.168.1.150).
I guess to get this working we need to create an ACL on the ACS box and apply it to the user profile.
How to create an ACL to permit the DATA-Server host only and deny all?
===============================
permit host 192.168.1.150
deny ip host any any
===============================
08-21-2008 02:06 AM
This is an example using NAFs, but you can easily skip the NAF part:
http://admingods.us/wp-content/uploads/2008/04/asa-acs-4.pdf
Regards
Farrukh