cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1349
Views
4
Helpful
2
Replies

vpn group authentication with acs 5.3 and MAC client vpn authentication

ngo duyen
Level 1
Level 1

I have try "vpn group authentication with acs 5.2" and it work well.

https://supportforums.cisco.com/thread/2081161

Now I want to config addition condition, I want  ACS check MAC address of computer which

initialize connection to vpn server before accept vpn connection.

I use End Station filter with the MAC address but I have failed. When I check "Monitoring and report" in ACS, ACS check public IP of vpn client as MAC address.

Could you check the problem ?

Is there any way to do the requirement ?

thanks

Duyen.

2 Replies 2

Tarik Admani
VIP Alumni
VIP Alumni

Hi,

You can not check the mac address of a vpn client because the calling-station-id appears as the ip address of the client and not the mac address. The calling station id is the mac address in dot1x deployments.

Thanks,

Tarik Admani
*Please rate helpful posts*

Hi Tarik, i have a situation like this, is there a way to use the mac address as a variable for the authentication of the users.

Regards

Oscar

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: