
VPN client authorization by using PIX and CiscoSecure ACS

thunderking1
Level 1

Hello! We're now using a PIX525, CiscoSecure ACS server for WinNT, and VPN client 3.0.2 to build up a VPN environment for a large IDC. Since there are different groups of customers that should be permitted to access only their own group of servers, the question is how to realize that by using the current tools on hand. Can we use the ACS server for VPN user authorization, or can the clients only be separated by assigning an IP address that belongs to a different subnet when setting up the VPN tunnel?

Pls advise, thanks!

2 Replies

cjacinto
Cisco Employee

Since you are using Client 3.0.2, you could assign the different customers to different groups, and assign them to different IP address pools as well. With xauth using CSNT, you could also pass the filter ID (i.e. the ACL name that is already defined in the PIX) for individual groups, to limit their access to certain subnets/resources in the network.

Thanks for your comments. Several of my friends also advise me to try to pass an ACL through the ACS server to the VPN client; maybe due to wrong configuration on the ACS server, I failed to do so. Do you have a little more detailed instructions on how to configure the Cisco ACS server, so I can follow?

BTW, could you pls tell me your mail address, so that we may discuss directly.

Again, thanks for your kind help!
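
The setup described in cjacinto's reply, sketched as an added configuration example that is not part of the original thread or of any poster's configuration. It assumes PIX 6.x-style syntax and an existing crypto map; every name (`custA`, `custB`, `ACS-VPN`, `vpnmap`), address and secret is a constructed placeholder.

```text
: Constructed example values throughout; names, addresses and keys are placeholders.

: Per-customer ACLs, defined locally on the PIX. The ACS group returns the
: matching ACL name in RADIUS attribute 11 (Filter-Id).
access-list custA-acl permit ip 192.168.101.0 255.255.255.0 10.10.1.0 255.255.255.0
access-list custB-acl permit ip 192.168.102.0 255.255.255.0 10.10.2.0 255.255.255.0

: One address pool per customer, so traffic is also separable by source subnet.
ip local pool custA-pool 192.168.101.1-192.168.101.254
ip local pool custB-pool 192.168.102.1-192.168.102.254

: One VPN group per customer (group name and password as entered in the client).
vpngroup custA address-pool custA-pool
vpngroup custA password <custA-group-secret>
vpngroup custB address-pool custB-pool
vpngroup custB password <custB-group-secret>

: Xauth against the ACS server over RADIUS (assumed crypto map name: vpnmap).
aaa-server ACS-VPN protocol radius
aaa-server ACS-VPN (inside) host 10.0.0.10 <radius-shared-secret> timeout 10
crypto map vpnmap client authentication ACS-VPN

: ACS side, set per group in the group's IETF RADIUS attributes:
:   [011] Filter-Id = custA-acl   (ACS group holding customer A users)
:   [011] Filter-Id = custB-acl   (ACS group holding customer B users)
```

The Filter-Id value returned by ACS has to match an ACL name that is already defined on the PIX.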