×

Warning message

  • Cisco Support Forums is in Read Only mode while the site is being migrated.
  • Cisco Support Forums is in Read Only mode while the site is being migrated.

per user VPN access lists using 1721 series router

Unanswered Question
Jan 12th, 2006
User Badges:

I am trying to create per-user access lists for VPN clients connecting to 1721 router.


I have set aaa authorization to access my radius server & I can see the AV-pairs being returned to the router. However, they dont seem to be getting applied.


Is this scenario possible on this router ? Has anyone had any success with this scenario on this platform?


Marc

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
smalkeric Wed, 01/18/2006 - 13:55
User Badges:
  • Silver, 250 points or more

Add the aaa authorization network default tacacs|radius, debug aaa author (and the debug aaa per-user command if you are using per-user access control lists) commands with the terminal monitor command enabled and observe the access list being sent down. For RADIUS only: If the RADIUS server does not allow for attribute 11 (Filter-id) to be specified as #.in or #.out, the default is out. For example, if the server sends attribute 111, this is presumed by the router to be "111.out.

Actions

This Discussion