Restrict VPN remote user using ACS and IOS Router

Unanswered Question
Jan 23rd, 2009

Hi,

I've got a problem.

I have a VPN router as the VPN server and also ACS to authenticate VPN remote users (Cisco VPN Client).

My goal is to limit user access for several ports.

I tried Filter-ID, Cisco AV-pair, and also downloadable ACL, but it doesn't work.

Need your help, thx


cheerz

Nelson Rodrigues Fri, 01/23/2009 - 19:02
User Badges: Cisco Employee

1) Have you checked to make sure the format of the DACLs or Cisco-AV-Pairs is correct?


http://www.cisco.com/en/US/products/sw/secursw/ps2086/products_configuration_guide_chapter09186a00801fd914.html#wp391234


2) FilterID is the name of the access-list already defined on the VPN server.


Turn on the "debug crypto isakmp/ipsec or aaa" and see what is happening.



ariantow123 Fri, 01/23/2009 - 19:52

Hi,

1. I'm sure

2. Yes, I already configured the ACL on the VPN router.


See the attachment for the debug, sh run, and also the log in ACS.

In this case, I tested using DACL.

Thx for your help.



ariantow123 Mon, 01/26/2009 - 20:45

Hi,

The link is for PIX; is there any other link for Cisco IOS Router?

Is it applicable to a Cisco router?


thx
