I have a PIX 525 running 6.3.1 software and I'm trying to restrict access to certain users accessing my internal network through VPN (VPDN). I've been able to authenticate users, but authorization with downloadable ACLs configured on the ACS 3.1 using RADIUS doesn't seem to work.
Is there any other way to control incoming traffic?
Please see bug CSCdy84724 'per-user / downloadable ACLs with RADIUS for L2TP/PPTP'. As per the bug, PIX currently does not support per-user access lists in any form if the PPP-style protocols (PPTP or L2TP) are used.