Cisco Support Community

New Member

Restrict VPN remote user using ACS and IOS Router

Hi,

I've got a problem.

I have a VPN router as the VPN server and also ACS to authenticate VPN remote users (Cisco VPN Client).

And the goal I want is to limit user access for several ports.

I tried with Filter ID, Cisco AVpair, and also downloadable ACL, but it doesn't work.

Need your help, thx

cheerz

3 REPLIES
Cisco Employee

Re: Restrict VPN remote user using ACS and IOS Router

1) Have you checked to make sure the format of the DACLs or Cisco-AV-Pairs is correct?

http://www.cisco.com/en/US/products/sw/secursw/ps2086/products_configuration_guide_chapter09186a00801fd914.html#wp391234

2) FilterID is the name of the access-list already defined on the VPN server.

Turn on the "debug crypto isakmp/ipsec or aaa" and see what is happening.

New Member

Re: Restrict VPN remote user using ACS and IOS Router

Hi,

1. I'm sure

2. Yes, I already configured the ACL on the VPN router.

See the attachment for debug, sh run, and also log in ACS.

In this case, I tested using DACL.

Thx for your help.

New Member

Re: Restrict VPN remote user using ACS and IOS Router

hi,

The link is for PIX; is there any other link for Cisco IOS Router?

Is it applicable to a Cisco router?

thx
