I have configured a 350 wireless card and 2-350 AP's for LEAP authentication with ACS 3.1 and all works fine authenticating to both AP's. I want to test the ability to deny access to one of the AP's using NAR's. I have added the NAR to the group I am in and even with the "allowed" AP turned off it still let's me authenticate to the "disallowed" one. The passed authentication log says that all access filters have passed. After that I added the rule to my group to deny access from all IP to all AAA clients and it still let's me authenticate. Any ideas?
I ended up logging a call with the TAC and what I found out is that for the NAR filters to apply you need to set a deny rule using the CLI/DNIS as well as the IP filters for the same devices or NDG's. Works great now...
Login to the FXOS chassis manager.
Direct your browser to https://hostname/, and log-in using the user-name and password.
Go to Help > About and check the current version:
Check the current version availa...
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...