Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Attention: The Community will be in read-only mode on 12/14/2017 from 12:00 am pacific to 11:30 am.

During this time you will only be able to see content. Other interactions such as posting, replying to questions, or marking content as helpful will be disabled for few hours.

We apologize for the inconvenience while we perform important updates to the Community.

New Member

Cisco ACS3.0 Network Access Restrictions

I have a 3640 connected to a ISDN30 to allow remote users access to the network. All the users are authenticated via Cisco ACS 3.0, I want to allow the remote users access to only a selected number of servers. On the ACS I have defined a Network Access Restriction list to only allow access to the selected servers and to stop any other access, When I apply the list to a user it has no effect and they can see everything.

Do I need to set anything up on the router or have I missed something on the ACS ?

Cisco Employee

Re: Cisco ACS3.0 Network Access Restrictions

Network Access Restrictions is used to restrict (or allow) users to only be able to authenticate from certain devices. for example, you would add the 3640 into this list so that those users can only authenticate into that machine.

When you say "I want to allow the remote users access to only a selected number of servers", do you mean access to internal servers AFTER the user has authenticated to the 3640? If so, then this is NOT what NAR's are used for. For that you'd probably just want to apply an ACL on the 3640 restricting the dialup pool of addresses to those certain servers.


Re: Cisco ACS3.0 Network Access Restrictions

Thanks for that.

I did not explain the original problem very well. but yes I wanted to allow access after users have been authenticated by the 3640.

I will have a go with ACL.

CreatePlease to create content