Hi,
I have configured user level NAR in my ACS 1113 SE running with 4.2.0.124(No patch). The routers and switches which are permitted in NAR are accessble as per configuration and the devices which are not configured are not accessble. I mean to say the NAR is working fine for Routers and switches but for ASA it is not working. Regardless of teh ASA is added in NAR or not I am able to access it useing the acs local users.
Following are the configurations I have done in ASA firewall.
aaa-server ACSVPN protocol radius
max-failed-attempts 2
aaa-server ACSVPN (DMZ_INTERFACE) host 172.X.X.10
timeout 30
key cisco
aaa-server ACSVPN (DMZ_INTERFACE) host 172.X.X.16
timeout 30
key cisco
radius-common-pw gcisco
aaa authentication enable console ACSVPN LOCAL
aaa authentication ssh console ACSVPN LOCAL
aaa authentication http console ACSVPN LOCAL
I can access the ASA without adding it's Ip to NAR. Please help me to understand what can be the possible causes. In success log I cam see teh message "all filteres passed" status.