Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

virtual telnet and acs problem

Have downloaded a document from the cisco website that explains

that you can configure a group on a CSACS server to reference

a named access-list configured on a AAA client i have configured

the group (see attachment) and placed a user in it (user1)

What i am trying to acheive is this i want user1 to be only able

to access a shared folder on a file server located on a server

with the ip address of 192.168.2.3 that is located on the outside

nterface of a pix 515 firewall and not any shared folders on any

other machine located on the outside interface nor do i want him

to have access to the internet

(user1's machine is located on the inside interface)

i have created this access-list on the firewall

access-list sales permit ip any host 192.168.2.3

access-list sales deny ip any any

Being the resource i am trying to connect to is not one you can

authenticate against ie http telnet or ftp i have to authenticate

via virtual telnet.

i have enabled virtual telnet on the pix

virtual telnet 192.168.2.21

the problem i have is that when i try to authenticate via virtual

telnet the authentication fails with the following message

Error: acl authorisation denied

I assume that something has to be added to the access-list

but i not sure what

I have been right through the downloaded document but there is no mention

of any further configuraion that needs to be done

when i set the same network up without the group referencing any named

acls there is no authentication problems

Has anybody any ideas as to what has to be done to get this to work

Regards

Melvyn Brown

134
Views
0
Helpful
0
Replies
CreatePlease to create content