Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

VPN3k Group Authorization and ACS

I have a VPN3030 and a Cisco ACS 4.1 SE. I'm using WebVPN and want the URLs displayed to the remote access user to be dependent on the group w/in ACS. I created four external groups w/in the VPN3k and the URLs under each group. I also created the groups in ACS and the users w/in those groups. I tried adding “OU=groupname;” for IETF attribute #25, when I do that, the user authentication fails and in ACS I see the failure and a passed authentication. If I disable attribute 25 or disable authorization, I can authenticate but only get what's defined in the base group. What am I missing?

1 REPLY
Silver

Re: VPN3k Group Authorization and ACS

You can configure ACLs to restrict access to web sites. Have a look at the URL http://cisco.com/en/US/docs/net_mgmt/cisco_secure_access_control_server_for_windows/4.0/user/guide/c.html to configure ACLs on ACS.

98
Views
0
Helpful
1
Replies