I need some guidance as I am not fully understanding how this works or if it's going to work as I would like it to.
We have a NT domain and RADIUS server living in our DMZ that is beginning to die. We also have ACS 4.0 setup inside our network to provide AD authentication for our network devices. It is already AD integrated and woking fine in that respect. We also have local users for the purpose of access for consultants and contractors without AD accounts
Our desire is to move the NT domain and server out to pasture and use the ACS to provide Radius authentication to the VPN 3030. I have enabled the VPN 3000 attributes and have created a VPN group in ACS. However, - and this is the part my confusion begins to creep in - How do I limit VPN authorization by AD groups. We have specific groups that are allowed VPN access. Not everyone is allowed to use the VPN. How do I pass those controls through with the ACS Radius server?
And other than pointing the VPN Concentrator to the ACS and creating the groups and Net Devices in ACS, what else are the 'gotchas'?
Login to the FXOS chassis manager.
Direct your browser to https://hostname/, and log-in using the user-name and password.
Go to Help > About and check the current version:
Check the current version availa...
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...