10-01-2013 03:27 AM
How much ...... it is usable with authentication and authorization with ACS having TACACS+ Server. SSL is worse in this case.....?
Is ACS having such support with TACACS+ for VPN policy assigements....?
10-01-2013 04:32 AM
http://www.cisco.com/en/US/docs/security/asa/asa90/configuration/guide/aaa_servers.html#wp1052971
tacacs is not supported for authorization of VPN users.
10-02-2013 03:14 AM
Hi Bikram,
That's right. Tacacs wouldn't help you with authorization for vpn users. Since you'd like to assign group-policy based on user's group/identity. This can only be possible with RADIUS or LDAP. SInce you'd like to configure this with ACS so the first link would work for you.
Configure ACS to Assign a Group Policy at Login using RADIUS
PIX/ASA 8.0: Use LDAP Authentication to Assign a Group Policy at Login
http://www.cisco.com/en/US/products/ps6120/products_configuration_example09186a00808d1a7c.shtml
Please feel free to let us know if you need some additional configuration.
~BR
Jatin Katyal
**Do rate helpful posts**
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide