Cisco Support Community

Downloading access lists

Hi.

I am trying to download a user access list from a RADIUS server. It looks like the server is passing it, but the firewall is ignoring it.

I am using FreeRADIUS (latest - 0.7.1) and PIX 515 6.2(2).

Any gotchas that I could be missing?

Am I correct that I want no sysopt connection permit-pptp?

Is it OK to have access lists applied to all interfaces and still get user access lists?

What is the exact setting I want RADIUS to pass? Reply-Message = "acl=101"? Filter-Id = "101"? Framed-Filter-Id = "101"?

Thanks in advance.

1 REPLY
New Member

Re: Downloading access lists

Are you talking about per-user access lists for IP? That is nothing but the basic authorization feature supported by the RADIUS implementation. If that indeed is true, please refer to the document on AAA support and Configuring RADIUS support available at the following URLs:

Configuring Basic AAA on an Access Server

http://www.cisco.com/warp/public/793/access_dial/security.html
