Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2215
Views
0
Helpful
1
Replies

ACS 2.4 for NT

milton.almeida
Level 1
Level 1

‎11-13-2001 04:55 AM - edited ‎02-21-2020 09:58 AM

Hi everyone!!!

I'd like to know if is possible ACS authenticate only LAN/WAN traffic.

In other words if I can configure access-list profiles and configure a specific user or group in ACS for it or vice-versa.

My cenario is follow:

I have a separeted network called Engineering Network where only few users (Engineering guys)can access this environment, we started authorization for this network only using access-lists but this architecture depends of static IP addresses in each machine that needs to get-in on this network, what is very bad to managed and not provide a good control (logging).

Any Ideas???

Thanks

Milton

Labels:
0 Helpful
1 Reply 1

msitzman
Cisco Employee
Cisco Employee

‎11-13-2001 04:58 PM

Two things that I can think of for you to think about. You can use Authentication-Proxy that is only triggered on http traffic. This will allow for for per-user access to the network by downloading an acl from a AAA server. The other solution is to use lock and key, which will be triggered when the user telnets to the router and authenticates. Then they will be able to access to the remote network and the telnet session will be dropped from the router.

Hope this helps...

Marcus

0 Helpful
Customers Also Viewed These Support Documents