Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
555
Views
0
Helpful
1
Replies

ACS 5.4 drop authentication attempt rule

Paul Hanton
Level 1
Level 1

‎12-03-2013 04:14 AM - edited ‎03-10-2019 09:09 PM

I want to create rule in ACS that will drop authentication attempts from a certain IP address so that it will force the device to move to it's secondary auth server.

I used to create a dead route on the Server when we had it running on 3.3 and im wondering if theres a better way to do this with the new ACS policy based rules, any ideas pointers etc would be greatly apreciated.

Regards                   

Labels:
0 Helpful
1 Reply 1

edwjames
Level 3
Level 3

‎12-07-2013 07:08 PM

Paul,

Create a rule based identity section under access service.

Create the first rule and use a IP address based condition (I am not sure which IP address you are looking for, Client's or Device's), set the result to a DB that will not authenticate the user successfully, use the advanced options there to manipulate the ACS to DROP the request.

Note: this will get replicated to your secondary server if in replication, so you might need to use an additional ACS instance condition in the rule you created.

**Share your knowledge. It’s a way to achieve immortality.
--Dalai Lama**

Please Rate if helpful.
Regards
Ed

**Share your knowledge. It’s a way to achieve immortality. --Dalai Lama** Please Rate if helpful. Regards Ed
0 Helpful
Customers Also Viewed These Support Documents