Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

ACS4.1

Hi All,

1> Created two NT groups in window

VPNusers

Networkusers

2>created two group in acs such as

Routernetworkadmin

switch networkadmin.

3> Mapped vpnusers with routernetworkadmin

   mapped networkusres with switchnetworkadmin

4> Created two NDG

Coredevices

L2devices

In coredevices add aaa client such as router,firewall, swith

in l2 devices  added only switch

5) Created two NAR

superadmin

subadmin

under superadmin added NDG coredevices

under subadmin added NDG  L2devices.

6> finally created two user say x and Y

user x is addedd under the group routeradmin group

user y is added under the group switch networkadmin

Requiremt is user x should access only devices mentioned under routeradmin group

and user y should access only devices mentioned under switch networkadmin group.

Does the above config works

  • AAA Identity and NAC
1 REPLY

ACS4.1

Hi,

If the NAR is configured correctly under the correct group, the above scenario should work.

From under the user group you need to select the NAR which decides what devices this group members can access.

HTH

Amjad

Rating useful replies is more useful than saying "Thank you"

Rating useful replies is more useful than saying "Thank you"
134
Views
0
Helpful
1
Replies
This widget could not be displayed.