Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Community Member

Groups in ACS

Hi,

I would like to create 2 user groups (A & B) in my ACS server such that Users in A group are able to access switches and routers only where as Users in B group are able to access only MGXs. Group A users should nt access MGX and Group B users are not able to access switches and routers. Please help how to do this...

regards

Neo

1 REPLY

Re: Groups in ACS

Hi,

Try the Network Access Restrictions (edit Group properties). It is used to permit or deny a group access using an access filter.

- Create users and assign them to Group A & B.

- Create/add network devices (as AAA client) under their respective network device group of switches & routers and MGX.

- Then, under each group, go to :

- Network Access Restrictions (NAR) - Per Group Defined Network Access Restrictions

- Enable checkbox under - Define IP-based access restriction

AAA Client - select AA client group permitted to be access by this user Group.

* Refer to ACS's help under help for "Network Access Restrictions" when you edit the group.

More info at:

http://www.cisco.com/en/US/products/sw/secursw/ps5338/products_user_guide_chapter09186a008023360f.html#wp865760

Rgds,

AK

156
Views
5
Helpful
1
Replies
CreatePlease to create content