Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

ISE v1.1 ACL merging?

Hello all,

I would like ask you about some technology help  ..

Customer would like create policy model for remote-access services based on „roles“. For example :

User1 is member of GroupA in LDAP and is member of GroupB as well.

Security GroupA specify access to some resources (can be represented as ACL, ACL-A), security GroupB is represented as other pool of resources (as well can be represented as ACL, for example ACL-B).

Final status is, if VPN client will connect, he will get authorization based on both ACL-A and ACL-B.

How can we dynamicaly provide „merging“ of ACLs ?

ACL merging can’t be provided manualy, because there can be more then 2 security groups and there are more VPN users, which can have various combination of security groups membership.

Thanks a lot for your help,

Regards,

Peter

Everyone's tags (2)
496
Views
0
Helpful
0
Replies