I am about to setup a couple of branch office sites connected to the corporate network thru Easy VPN Remote Access. I will be using a PIX501 at the VPN client side and a VPN3030 Concentrator at server side.
My question is, can I use our Cisco Secure RADIUS server to setup GROUPS or am I bound to use groups internally configured in the Concentrator?
Theoretically I belive I can but I lack the "Allow Network Extension"-check box when configuring groups in ACS so I´m not sure.
Appearantly the attribute has been lost sometime during the compilation of the ACS.
I recieved this answer from Pete Davis in an "Ask the expert" thread in another forum here on Cisco:
psd - CISCO SYSTEMS
Jan 20, 2004, 12:12pm PST
Unfortunately this attribute seems to have been missed while compiling the list of available attributes. My suggestion would be to open up a TAC case so that a bug can filed against Cisco Secure ACS. Engineering can then work with your TAC engineer to help provide you with a fix.
Login to the FXOS chassis manager.
Direct your browser to https://hostname/, and log-in using the user-name and password.
Go to Help > About and check the current version:
Check the current version availa...
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...