https://community.cisco.com/t5/network-access-control/acs-host-restriction/m-p/1422017#M322629 <HTML><HEAD></HEAD><BODY><P><SPAN style="font-family: book antiqua,palatino;">Thanks Ganesh for your help.</SPAN></P><P></P><P><SPAN style="font-family: book antiqua,palatino;">I am not clear with your steps.</SPAN></P><P><SPAN style="font-family: book antiqua,palatino;">Local ACS database users DACL is working.</SPAN></P><P><SPAN style="font-family: book antiqua,palatino;">For Windows AD users what steps I need to restrict for specific host and port.</SPAN></P></BODY></HTML> Sun, 07 Feb 2010 11:22:03 GMT saquib.tandel 2010-02-07T11:22:03Z https://community.cisco.com/t5/network-access-control/acs-host-restriction/m-p/1422015#M322626 <P><SPAN style="font-family: arial,helvetica,sans-serif;">Hello</SPAN></P><P></P><P><SPAN style="font-family: arial,helvetica,sans-serif;">How to restrict access to a specific host when a user connects via VPN. </SPAN></P><P><SPAN style="font-family: arial,helvetica,sans-serif;">user account is mapped on ACS as external database ( Active Directory - Win3K )</SPAN></P><P></P><P>Downloadable ACL only works with ACS Local Database.</P><P></P><P>plz help.</P> Sun, 10 Mar 2019 23:56:11 GMT https://community.cisco.com/t5/network-access-control/acs-host-restriction/m-p/1422015#M322626 saquib.tandel 2019-03-10T23:56:11Z https://community.cisco.com/t5/network-access-control/acs-host-restriction/m-p/1422016#M322628 <HTML><HEAD></HEAD><BODY><DIV class="jive-rendered-content"><PRE __jive_macro_name="quote" class="jive_text_macro jive_macro_quote"><P><SPAN style="font-family: arial,helvetica,sans-serif;">Hello</SPAN></P><P></P><P><SPAN style="font-family: arial,helvetica,sans-serif;">How to restrict access to a specific host when a user connects via VPN. </SPAN></P><P><SPAN style="font-family: arial,helvetica,sans-serif;">user account is mapped on ACS as external database ( Active Directory - Win3K )</SPAN></P><P></P><P>Downloadable ACL only works with ACS Local Database.</P><P></P><P>plz help.</P></PRE></DIV><P></P><P>Hi,</P><P></P><P>IP Address Filtering (default) No filtering on any IP address is performed when an administrator is accessing ACS remotely.Allow only listed IP addresses to connect. Click to allow remote administration from only those workstations whose IP addresses fall within the range specified in IP Address Ranges. Workstations whose IP addresses are not within the specified range will not be able to access ACS remotely.</P><P></P><P>Reject connections from listed IP addresses. Click to filter out remote administration from the IP addresses specified in IP Address Ranges. Remote administration from workstations whose IP addresses do not fall within the specified range will be permitted.</P><P></P><P>Check out the below link hope that help</P><P></P><P><A class="jive-link-external-small" href="http://72.163.4.161/en/US/products/sw/secursw/ps2086/products_configuration_guide_chapter09186a00801fd7e2.html#wp892183">http://72.163.4.161/en/US/products/sw/secursw/ps2086/products_configuration_guide_chapter09186a00801fd7e2.html#wp892183</A></P><P></P><P>If helpful do rate the post</P><P></P><P>Ganesh.H</P></BODY></HTML> Sun, 07 Feb 2010 07:28:53 GMT https://community.cisco.com/t5/network-access-control/acs-host-restriction/m-p/1422016#M322628 Ganesh Hariharan 2010-02-07T07:28:53Z https://community.cisco.com/t5/network-access-control/acs-host-restriction/m-p/1422017#M322629 <HTML><HEAD></HEAD><BODY><P><SPAN style="font-family: book antiqua,palatino;">Thanks Ganesh for your help.</SPAN></P><P></P><P><SPAN style="font-family: book antiqua,palatino;">I am not clear with your steps.</SPAN></P><P><SPAN style="font-family: book antiqua,palatino;">Local ACS database users DACL is working.</SPAN></P><P><SPAN style="font-family: book antiqua,palatino;">For Windows AD users what steps I need to restrict for specific host and port.</SPAN></P></BODY></HTML> Sun, 07 Feb 2010 11:22:03 GMT https://community.cisco.com/t5/network-access-control/acs-host-restriction/m-p/1422017#M322629 saquib.tandel 2010-02-07T11:22:03Z https://community.cisco.com/t5/network-access-control/acs-host-restriction/m-p/1422018#M322632 <HTML><HEAD></HEAD><BODY><PRE __jive_macro_name="quote" class="jive_text_macro jive_macro_quote"><DIV class="jive-rendered-content"><P><SPAN style="font-family: book antiqua,palatino;">Thanks Ganesh for your help.</SPAN></P><P></P><P><SPAN style="font-family: book antiqua,palatino;">I am not clear with your steps.</SPAN></P><P><SPAN style="font-family: book antiqua,palatino;">Local ACS database users DACL is working.</SPAN></P><P><SPAN style="font-family: book antiqua,palatino;">For Windows AD users what steps I need to restrict for specific host and port.</SPAN></P></DIV></PRE><P>Hi Saquib,</P><P></P><P>Windows AD users would be getting some ip once they are authenticated if apart from those pool of ip address you configure the trusted ip address which can access the ACS apart from windows AD authenticated users ip address.</P><P></P><P>Check out the below link will share the step to restrict ACS access using selected ip address.</P><P></P><P><A class="jive-link-external-small" href="http://www.cisco.com/en/US/docs/net_mgmt/cisco_secure_access_control_server_for_windows/4.0/user/guide/a.html#wp655148">http://www.cisco.com/en/US/docs/net_mgmt/cisco_secure_access_control_server_for_windows/4.0/user/guide/a.html#wp655148</A></P><P></P><P>Hope to help</P><P></P><P>Ganesh.H</P></BODY></HTML> Sun, 07 Feb 2010 14:04:59 GMT https://community.cisco.com/t5/network-access-control/acs-host-restriction/m-p/1422018#M322632 Ganesh Hariharan 2010-02-07T14:04:59Z