How to restrict users in VPN remote access using an external database in ACS 4.2

Unanswered Question
Nov 14th, 2009

Hi,


I've got ACS 4.2 for Windows installed on a domain member server and it runs well. I can authenticate using users in AD. I use this ACS for authenticating users for router and switch access, VPN access and wireless access.


The question is: how could I restrict certain persons for VPN access and router/switch access, but allow all users in AD for wireless access?

Jagdeep Gambhir Sat, 11/14/2009 - 07:27

Charles,

You need to set up NARs to control device access on a group membership basis.



http://www.cisco.com/en/US/products/sw/secursw/ps2086/products_tech_note09186a0080858d3c.shtml


Now, since we are using Windows AD, we need to map each AD group to a specific ACS group.


Example


Wireless Group ACS <----> Wireless group AD


The NAR would be configured on the ACS wireless group.



Regards,

~JG


Do rate helpful posts.
