Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

ASA auth-proxy with Radius and downloadable ACL

Hello

I want to have ACLs which decide which traffic to allow after auth-proxy authorisation.

1. What options do i have for ASA+ACS ?

2. Can i use auth-proxy on ASA with ACS and radius and downloadable ACL ?

3. Can i use auth-proxy on ASA with ACS and radius 009/001 cisco-av-pair (will ASA understeand it ?)

4. Can i use auth-proxy on ASA with ACS and tacacs auth-proxy attributes (with ACL) ?

Thanx

1 ACCEPTED SOLUTION

Accepted Solutions

ASA auth-proxy with Radius and downloadable ACL

Hi,

Take a look over this guide to see if this helps answer your question. You can use both downloadable ACL or the cisco av-pairs, I have seen that the cisco-av-pair method works a little better because it has the username who logged in as a part of the acl which eases troubleshooting.

http://www.cisco.com/en/US/docs/security/asa/asa84/configuration/guide/access_fwaaa.html#wp1150820

thanks,

Tarik Admani

Tarik Admani *Please rate helpful posts*
1 REPLY

ASA auth-proxy with Radius and downloadable ACL

Hi,

Take a look over this guide to see if this helps answer your question. You can use both downloadable ACL or the cisco av-pairs, I have seen that the cisco-av-pair method works a little better because it has the username who logged in as a part of the acl which eases troubleshooting.

http://www.cisco.com/en/US/docs/security/asa/asa84/configuration/guide/access_fwaaa.html#wp1150820

thanks,

Tarik Admani

Tarik Admani *Please rate helpful posts*
850
Views
0
Helpful
1
Replies