Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

EzVPN in NEM + ACS

Hi!

I am about to setup a couple of branch office sites connected to the corporate network thru Easy VPN Remote Access. I will be using a PIX501 at the VPN client side and a VPN3030 Concentrator at server side.

My question is, can I use our Cisco Secure RADIUS server to setup GROUPS or am I bound to use groups internally configured in the Concentrator?

Theoretically I belive I can but I lack the "Allow Network Extension"-check box when configuring groups in ACS so I´m not sure.

The ACS SW version is v 3.0.

Thanx in advance.

3 REPLIES
Bronze

Re: EzVPN in NEM + ACS

The group names need to be configured locally. The RADIUS server can then be configured with the group permissions.

New Member

Re: EzVPN in NEM + ACS

Thank you for taking your time to answer!

Yes, that´s how I plan to set it up but my worries now is to locate the RADIUS group attribute that specifies that Network Extension Mode is allowed.

It´s not in the list of available attributes in our Cisco ACS 3.0.

New Member

Re: EzVPN in NEM + ACS

Appearantly the attribute has been lost sometime during the compilation of the ACS.

I recieved this answer from Pete Davis in an "Ask the expert" thread in another forum here on Cisco:

psd - CISCO SYSTEMS

Jan 20, 2004, 12:12pm PST

Unfortunately this attribute seems to have been missed while compiling the list of available attributes. My suggestion would be to open up a TAC case so that a bug can filed against Cisco Secure ACS. Engineering can then work with your TAC engineer to help provide you with a fix.

238
Views
3
Helpful
3
Replies
CreatePlease to create content