Cisco Support Community
New Member

ACS 5.4 drop authentication attempt rule

I want to create a rule in ACS that will drop authentication attempts from a certain IP address so that it will force the device to move to its secondary auth server.

I used to create a dead route on the server when we had it running on 3.3, and I'm wondering if there's a better way to do this with the new ACS policy-based rules. Any ideas, pointers etc. would be greatly appreciated.

Regards

1 REPLY
Silver

ACS 5.4 drop authentication attempt rule

Paul,

Create a rule-based identity section under access service.

Create the first rule and use an IP address based condition (I am not sure which IP address you are looking for, Client's or Device's), set the result to a DB that will not authenticate the user successfully, and use the advanced options there to manipulate the ACS to DROP the request.

Note: this will get replicated to your secondary server if in replication, so you might need to use an additional ACS instance condition in the rule you created.

**Share your knowledge. It’s a way to achieve immortality.
--Dalai Lama**

Please Rate if helpful.
Regards
Ed
