Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

How to restrict user in vpn remote access using external database in acs4.2

Hi,

I've got ACS 4.2 windows installed in domain member server n run well. I can authenticate using users in AD. I use this ACS for authenticating user for routers & switches access, VPN access and wireless access.

The question is how could i restrict certain person for VPN acess and routers / switches access? But allowed all users in AD for wireless access?

1 REPLY

Re: How to restrict user in vpn remote access using external dat

Charles,

You need to set up NARs to control the device access on the group membership basis.

http://www.cisco.com/en/US/products/sw/secursw/ps2086/products_tech_note09186a0080858d3c.shtml

Now since we are using windows AD, we need to map AD group with specific ACS group.

Example

Wireless Group ACS <----> Wireless group AD

NAR would be configured on ACS wireless group.

Regards,

~JG

Do rate helpful posts.

333
Views
0
Helpful
1
Replies