Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

EzVPN in NEM + ACS

Hi!

I am about to setup a couple of branch office sites connected to the corporate network thru Easy VPN Remote Access. I will be using a PIX501 at the VPN client side and a VPN3030 Concentrator at server side.

My question is, can I use our Cisco Secure RADIUS server to setup GROUPS or am I bound to use groups internally configured in the Concentrator?

Theoretically I belive I can but I lack the "Allow Network Extension"-check box when configuring groups in ACS so I´m not sure.

The ACS SW version is v 3.0.

Thanx in advance.

3 REPLIES
Bronze

Re: EzVPN in NEM + ACS

The group names need to be configured locally. The RADIUS server can then be configured with the group permissions.

New Member

Re: EzVPN in NEM + ACS

Thank you for taking your time to answer!

Yes, that´s how I plan to set it up but my worries now is to locate the RADIUS group attribute that specifies that Network Extension Mode is allowed.

It´s not in the list of available attributes in our Cisco ACS 3.0.

New Member

Re: EzVPN in NEM + ACS

Appearantly the attribute has been lost sometime during the compilation of the ACS.

I recieved this answer from Pete Davis in an "Ask the expert" thread in another forum here on Cisco:

psd - CISCO SYSTEMS

Jan 20, 2004, 12:12pm PST

Unfortunately this attribute seems to have been missed while compiling the list of available attributes. My suggestion would be to open up a TAC case so that a bug can filed against Cisco Secure ACS. Engineering can then work with your TAC engineer to help provide you with a fix.

237
Views
3
Helpful
3
Replies
CreatePlease to create content