Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

ACS 4.1 Network Device Authentication...

Hi,

We have ACS 4.1 Integrated with our AD which is in use for our WLAN Users (PEAP Authentication & Easy VPN). We have configured our network devices to authenticate through ACS, the issue with current setup is that any user who is accessing the WLAN or VPN can access my network devices. We want only certain users to access the network devices. How can we achieve this...do anyone have an idea...if my question is not clear please revert back to me...

Rgd,

Haaris

  • AAA Identity and NAC
3 REPLIES

Re: ACS 4.1 Network Device Authentication...

Haaris,

You need to apply NAR's , please see this link,

http://www.cisco.com/en/US/products/sw/secursw/ps2086/products_white_paper09186a00801a8fd0.shtml

Regards,

~JG

Do rate helpful posts

New Member

Re: ACS 4.1 Network Device Authentication...

Thanks alot...

I am reading the document, once I am done I will surely rate you if that works. I just had glimps on the documentation, in the last I have seen the below given, anything more to do additional than this document???

Known Issues with NAR

CSCea35303-Changing the network device group for network access server causes undetermined results

CSCea63816-NAR list size and field size limitation

CSCdz84451-Defining two NAS entries with identical IP address

CSCea28987-Enhancement request to NAR: Use nonsequential IP address definition

CSCea87466-Enhancement request to NAR: Use RADIUS attribute 66/67 in NAR

Regards,

New Member

Re: ACS 4.1 Network Device Authentication...

Hey,

I've introduced NAR's for the same reasons as you and everything seems to working great. I just denied specific user groups to accessing specific device groups and it worked.

Craig

183
Views
8
Helpful
3
Replies