Has anybody implemented the following solution?
- PIX 6.2 or 6.3
- CS ACS 3.x
- VPN Clients 3.x or 4.x
VPN clients are authenticated using radius when establishing the VPN session to the PIX. I want a predefined ACL to be dynamically assigned to the PIX by the ACS for that VPN session.
The CCO documentation on dynamic ACLs refers to authentication via a HTTP front-end. I want to avoid this as the VPN users are already authenticated during the set-up of the VPN session.
Any help or advice is much appreciated.
Regards,
Daithi