Cisco Support Community
New Member

VPN client authorization by using PIX and CiscoSecure ACS

Hello! We're now using a PIX525, CiscoSecure ACS server for WinNT, and VPN client 3.0.2 to build a VPN environment for a large IDC. Since there are different groups of customers, each of which should be permitted to access only its own group of servers, the question is how to realize that using the tools currently on hand. Can we use the ACS server for VPN user authorization, or can the clients only be separated by assigning an IP address belonging to a different subnet when setting up the VPN tunnel?

Pls advise, thanks!

2 REPLIES
Cisco Employee

Re: VPN client authorization by using PIX and CiscoSecure ACS

Since you are using Client 3.0.2, you could assign the different customers to different groups and assign them to different IP address pools as well. With xauth using CSNT, you could also pass the filter ID (i.e., an ACL name that is already defined on the PIX) for individual groups, to limit their access to certain subnets/resources in the network.

New Member

Re: VPN client authorization by using PIX and CiscoSecure ACS

Thanks for your comments. Several of my friends also advised me to try to pass an ACL through the ACS server to the VPN client; maybe due to a wrong configuration on the ACS server, I failed to do so. Do you have slightly more detailed instructions on how to configure the Cisco ACS server, so I can follow them?

BTW, could you please tell me your e-mail address, so that we may discuss this directly?

Again, thanks for your kind help!
