Restrict VPN remote user using ACS and IOS Router

ariantow123
Level 1

Hi,

I've got a problem.

I have a VPN router as the VPN server and also ACS to authenticate VPN remote users (Cisco VPN Client).

And the goal I want is to limit user access for several ports.

I tried Filter ID, Cisco AV-pair, and also downloadable ACL, but it doesn't work.

Need your help, thx

cheerz

3 Replies

Nelson Rodrigues
Cisco Employee

1) Have you checked to make sure the format of the DACLs or Cisco-AV-Pairs is correct?

http://www.cisco.com/en/US/products/sw/secursw/ps2086/products_configuration_guide_chapter09186a00801fd914.html#wp391234

2) FilterID is the name of the access-list already defined on the VPN server.

Turn on the "debug crypto isakmp/ipsec or aaa" and see what is happening.

Hi,

1. I'm sure

2. Yes, I already configured the ACL on the VPN router.

See the attachment for debug, sh run, and also the log in ACS.

In this case, I tested using DACL.

Thx for your help.

hi,

The link is for PIX. Is there any other link for a Cisco IOS router?

Is it applicable to a Cisco router?

thx
