I'm trying to block Internet access to a set of domain users by creating a group called "nonet_users" in my PDC and assigning those users to this group. The problem is that all those users belong to at least one other domain group like "Domain_Uses". When the CE-507 queries the PDC the response is always matching the "Domain_Users" group making the HTTP request matching the "permit any" ACL line.
Let me add that i don't want to deny Internet access to all "Domain_Users" users so i can't use this group in the ACL.
Why do you need native HA: The native HA feature allows two Cisco DCNM
appliances to run as active and standby applications, with their
embedded databases synchronized in real time. Therefore, when the active
DCNM is not functioning, the standby DCNM will...
This document will provide screenshots to outline the steps to setup
TACACS+ configuration to ACI and also the configuration required on
Cisco ACS server. Please find the official Cisco guide for configuring
TACACS+ Authentication to ACI:
Is it supported or NOT supported? It's a frequently asked question.
Before APIC, release 2.3(1f), transit routing was not supported within a
single L3Out profile. In APIC, release 2.3(1f) and later, you can
configure transit routing with a single L3Out pr...