Downloadable ACL on Cisco IOS router (from ACS)?

Unanswered Question
Jun 16th, 2010

Hi,


(I am a bit new to some of the IOS Security features)


Is it possible to "download" an ACL from TACACS+ (ACS 5.1) OR RADIUS AV Pairs?

I know that the lists can be configured on ACS, but how are they applied on an IOS router?

I have read about "lock and key ACL", but the examples I have seen only use ACS to authenticate.

Also, if the lists can be downloaded, WHERE can they be applied? Would it be limited to vty?

What I ultimately want is to have an ACL applied per user when VPN users log in to the crypto map / Tunnel interface.




Thanks

shahedvoicerite Thu, 06/17/2010 - 02:12

Thanks, but I already know that it IS possible in ACS.

My question is how do I *USE* this on an IOS router like a 2811 (as opposed to a PIX/ASA)?

I.e., what IOS commands do I enter, and where can I enter them, to make use of such ACLs?

I can't seem to find any docs on this, and the only "lock and key" dACL example does not show how to download the ACL from ACS.

At this point, I am not sure if this feature is even supported on IOS routers, or if it's only for PIX/ASA.


Thanks
