Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Dynamic Access-list

I'm using cisco Pix Ver.6.33 firewall as a NAS for my VPN clients, using the Cisco ACS ver.3.1 as a RADIUS AAA server for authenticating and downloading Cisco-av-pair to the user's connection in the pix. When the user get disconnect from the vpn the dynamic ACL (cisco-av-pair) is not disappearing, as it is suppose to, and therefore, even if I make any change to the cisco-av-pair in the ACS, when the user reconnect it still continue with the old access-list. Is there any configuration to automatically remove these acls from the pix when the user is disconnected? Is there any way to manually remove them?

1 REPLY
Silver

Re: Dynamic Access-list

These filters are called dynamic filters because they remain in place only for the duration of the session to which they apply. When the connection finishes, the filter should be dropped.

382
Views
0
Helpful
1
Replies
CreatePlease to create content