Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1268
Views
0
Helpful
2
Replies

ACS - cisco-av-pair

li_xiao_li
Level 1
Level 1

‎04-30-2012 10:23 PM - edited ‎03-10-2019 07:03 PM

Hi Sir,

I have some doubts about the attribute in ACS: cisco-av-pair. I setup some ACLs in this attribute and hope this attribute can be sent from ACS to my PIX/ASA for future filtering usage if an user passes the first authentication attempt. I found that this attribute can not be installed in the PIX (when I checked the PIX using 'show access-list') even though the user passes the authentication. What is the reason?

Labels:
0 Helpful
2 Replies 2

Eduardo Aliaga
Level 4
Level 4

‎05-12-2012 08:20 PM

ASA do support downloadable access-lists. Old versions of PIX software do it in a different way. Could you please tell us what ASA or PIX version are you using ?

0 Helpful

li_xiao_li
Level 1
Level 1

‎05-13-2012 07:27 PM

Hello,

I am using ASA8.0 software. I also tried to use 'downloadable ACL' attribute, this attribute does the job as its name says. But cisco-av-pair cannot. Is there another possible reason?

Thanks.

0 Helpful
Customers Also Viewed These Support Documents