https://community.cisco.com/t5/network-access-control/acs5-replacement-for-ip-pools/m-p/2082871#M150704 <HTML><HEAD></HEAD><BODY><P>For the ASA it's the Attribute 217 "Address-Pools":</P><P><A class="jive-link-external-small" href="http://www.cisco.com/en/US/docs/security/asa/asa84/configuration/guide/ref_extserver.html#wp1802187">http://www.cisco.com/en/US/docs/security/asa/asa84/configuration/guide/ref_extserver.html#wp1802187</A></P><P></P><P></P><P>--&nbsp; <BR />Don't stop after you've improved your network! Improve the world by lending money to the working poor: <BR /><A class="jive-link-external-small" href="http://www.kiva.org/invitedby/karsteni">http://www.kiva.org/invitedby/karsteni</A></P></BODY></HTML> Sun, 27 Jan 2013 13:46:13 GMT Karsten Iwen 2013-01-27T13:46:13Z https://community.cisco.com/t5/network-access-control/acs5-replacement-for-ip-pools/m-p/2082870#M150656 <P>All,</P><P></P><P>I know ACS 5 lacks the IP Pools of earlier ACS versions. I'm looking at a 4 to 5 migration and was thinking of just configuring the IP Pools on the router ("ip pool local" etc) and sending back a RADIUS Cisco Attribute pair with the name of the pool. (Seemed like a neat fix, needs no extra kit, etc.)</P><P></P><P>I could have sworn that attribute pair existed... but I can't find it in ACS5! What's it's name?! Where is it!? Or have I gone mad!? (And, if I have gone mad, how would you go about fixing it?)</P><P></P><P>Cheers!</P> Mon, 11 Mar 2019 03:01:02 GMT https://community.cisco.com/t5/network-access-control/acs5-replacement-for-ip-pools/m-p/2082870#M150656 Paul Masterton 2019-03-11T03:01:02Z https://community.cisco.com/t5/network-access-control/acs5-replacement-for-ip-pools/m-p/2082871#M150704 <HTML><HEAD></HEAD><BODY><P>For the ASA it's the Attribute 217 "Address-Pools":</P><P><A class="jive-link-external-small" href="http://www.cisco.com/en/US/docs/security/asa/asa84/configuration/guide/ref_extserver.html#wp1802187">http://www.cisco.com/en/US/docs/security/asa/asa84/configuration/guide/ref_extserver.html#wp1802187</A></P><P></P><P></P><P>--&nbsp; <BR />Don't stop after you've improved your network! Improve the world by lending money to the working poor: <BR /><A class="jive-link-external-small" href="http://www.kiva.org/invitedby/karsteni">http://www.kiva.org/invitedby/karsteni</A></P></BODY></HTML> Sun, 27 Jan 2013 13:46:13 GMT https://community.cisco.com/t5/network-access-control/acs5-replacement-for-ip-pools/m-p/2082871#M150704 Karsten Iwen 2013-01-27T13:46:13Z https://community.cisco.com/t5/network-access-control/acs5-replacement-for-ip-pools/m-p/2082872#M150746 <HTML><HEAD></HEAD><BODY><P>Hi Paul,</P><P></P><P>There are two attributs regarding the pools:</P><P>217&nbsp;&nbsp;&nbsp; cisco-ip-pool-definition</P><P>218&nbsp;&nbsp;&nbsp; cisco-assign-ip-pool</P><P></P><P>Those are configurable in ACS 5.x from ACS GUI:</P><P>Policy Elements -&gt; Authorization and Permissions -&gt; Network Access -&gt; Authorization Profiles.</P><P></P><P>You create the authorization profile then from the "Radius Attributes" tab you choose the directory type = "RADIUS-Cisco".</P><P>Then if you press on the "select" button beside "RADIUS Attribute" field it will list you all the cisco attributes where 217 and 218 are included.</P><P></P><P>HTH</P><P></P><P>Amjad</P><P></P><P><SPAN style="color: blue;">Rating useful replies is more useful than saying <SPAN style="color: green;"> "<SPAN style="text-decoration: underline;">Thank you</SPAN>"</SPAN></SPAN></P></BODY></HTML> Mon, 28 Jan 2013 06:57:15 GMT https://community.cisco.com/t5/network-access-control/acs5-replacement-for-ip-pools/m-p/2082872#M150746 Amjad Abdullah 2013-01-28T06:57:15Z https://community.cisco.com/t5/network-access-control/acs5-replacement-for-ip-pools/m-p/2082873#M150812 <HTML><HEAD></HEAD><BODY><P>So then how do we define the pools? There's a lot of discussion regarding this topic. I'm not exactlly sure why Ciso thought it was a good idea to remove this feature but I know there's a workaround.</P><P></P><P>The workaround I saw was to use pre defined pools from another device such as a router. That's fine but whats the ACS config to do that?</P><P></P><P>Someone has to know the answer to this.</P></BODY></HTML> Thu, 12 Dec 2013 15:39:59 GMT https://community.cisco.com/t5/network-access-control/acs5-replacement-for-ip-pools/m-p/2082873#M150812 codewize 2013-12-12T15:39:59Z