
ACS 1113 NAR related problem.

Hi,

I have configured user-level NAR in my ACS 1113 SE running 4.2.0.124 (no patch). The routers and switches which are permitted in NAR are accessible as per the configuration, and the devices which are not configured are not accessible. I mean to say the NAR is working fine for routers and switches, but for the ASA it is not working. Regardless of whether the ASA is added in NAR or not, I am able to access it using the ACS local users.

Following are the configurations I have done in ASA firewall.

aaa-server ACSVPN protocol radius
 max-failed-attempts 2
aaa-server ACSVPN (DMZ_INTERFACE) host 172.X.X.10
 timeout 30
 key cisco
aaa-server ACSVPN (DMZ_INTERFACE) host 172.X.X.16
 timeout 30
 key cisco
 radius-common-pw gcisco
aaa authentication enable console ACSVPN LOCAL
aaa authentication ssh console ACSVPN LOCAL
aaa authentication http console ACSVPN LOCAL

I can access the ASA without adding its IP to NAR. Please help me to understand what the possible causes can be. In the success log I can see the message "all filters passed" status.

1 Reply

Tarik Admani
VIP Alumni

What is the IP address for the ASA, and can you post a screenshot of your NAR policies?

Thanks,

Tarik Admani
*Please rate helpful posts*