Solved: ACS 4.2 and ASA, Users allowed to login that shouldnt - Cisco Community

396

Views

0

Helpful

1

Replies

Using ACS 4.2, setup AAA/tacacs on my ASA. Currently any user in any NG can login into the ASA, they cant make changes however without the enable password. We only want people in one NG to be allowed to login into the ASA. I am not finding a good way to do this.

1 Accepted Solution

Accepted Solutions

You can create NAR:

http://www.cisco.com/en/US/docs/net_mgmt/cisco_secure_access_control_server_for_windows/4.2/user/guide/SPC.html#wp697095

And then use it in User/Group configuration:

http://www.cisco.com/en/US/docs/net_mgmt/cisco_secure_access_control_server_for_windows/4.2/user/guide/GrpMgt.html#wp478900

---

Michal

View solution in original post

1 Reply 1

You can create NAR:

http://www.cisco.com/en/US/docs/net_mgmt/cisco_secure_access_control_server_for_windows/4.2/user/guide/SPC.html#wp697095

And then use it in User/Group configuration:

http://www.cisco.com/en/US/docs/net_mgmt/cisco_secure_access_control_server_for_windows/4.2/user/guide/GrpMgt.html#wp478900

---

Michal

Learn, share, save

Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.

New here? Get started with these tips. How to use Community New member guide

Log in to Community