isdn bri interface failed to apply an access-list that configure on ACS

dudum · ‎09-20-2001

Hi !

I am trying to work with access-list per user on ACS and cisco 3640 with pri interface .

When i apply an access-list on the Cisco secure ACS v2.6 /user setup/Cisco IOS/PIX RADIUS Attributes/cisco-av-pair/(ip:inacl#1="permit tcp 10.10.10.0 0.0.0.255 192.168.1.0 0.0.0.255

Or ip:inacl=189 ), I try it under the group setup to .

The isdn bri interface failed to apply it.

The massage that i get is as fallow =

%PERUSER-3-ISDNINTF: Se0/0:16 access_group: Can not apply configuration to ISDN channel:

"ACL_No_Internet_In".

What i need to know is how can i apply an access-list that configure on the acs at the lcp stage or you can sagest me any other way .

p.s.

I know that i can not apply any configuration to isdn

interface at the negotiation stage

thomas.chen · ‎09-26-2001

Do you already have an access-list applied to the router that is not allowing this change? This may be too complex to troubleshoot here without configs and debugs.

jtissot · ‎10-24-2001

i resolved a problem with acl , PRI and ASC by configuring virtual-profil and interface virtual-template in cisco router 3640.

jheck · ‎10-25-2001

I have used ACL's in Cisco Secure before mostly as a group setting. It looks to me that all you need to do is remove the "ip:" from the acl. HTH

dudum · ‎10-27-2001

Hi !

thank you very much for you're help