In these you have to define Network Access Filters having ACE for ACE-NAP
and MDS for MDS-NAP
And for the NAP's you have to define the Radius Authorization components (attributes) to be send when the authentication happens from the devices referred in NAP.
(Both NAF and RAC can be defined in Shared Profile Components, if you cannot see them there enable them from Interface Configuration)
So now whenever the authentication will happen, ACS will look at the required NAP and for specific device send the required RAC attributes, So for ACE devices you will get only ACE attributes and for MDS you will only get MDS attributes.
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...