Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

How to configure CLI/DNIS based access restriction in 5.3 ?

Hi,

does anybody have an idea how the setting

define CLI/DNIS-based access restrictions which is defined in ACS v. 4.2

can be configured in acs 5.3 ?

in v. 4 for every user in a group with 40 members  a different CLI is defined for each. How can I configure that in version 5.3 ?

any help as always much appreciated!

1 ACCEPTED SOLUTION

Accepted Solutions
Cisco Employee

How to configure CLI/DNIS based access restriction in 5.3 ?

The equivalebt to NAR functionality can be found at:

Policy Elements > Session Conditions > Network Conditions > End Station Filters

Can then define an object with a set of CLI values

These objects can then be used in policy conditions. So can create a condition with a set of CLI values and then match in authorization policy for values that are included in this set and set authorizations accoridngly

Not sure if this is your use case but hopefully may be a start

2 REPLIES
Cisco Employee

How to configure CLI/DNIS based access restriction in 5.3 ?

The equivalebt to NAR functionality can be found at:

Policy Elements > Session Conditions > Network Conditions > End Station Filters

Can then define an object with a set of CLI values

These objects can then be used in policy conditions. So can create a condition with a set of CLI values and then match in authorization policy for values that are included in this set and set authorizations accoridngly

Not sure if this is your use case but hopefully may be a start

New Member

How to configure CLI/DNIS based access restriction in 5.3 ?

Hi, yes, I think thats the way to go. It will give me quite a lot of lines in the access policy, but a quick test seemed to work.

Thanks

661
Views
0
Helpful
2
Replies
CreatePlease login to create content