ACS 5.4 DACL is not working.

yusuf.ujjainwala · ‎07-02-2013

We are trying to configure downloadable ACL on ACS 5.4 for wireless users with [WPA2][Auth(802.1X)] authentication. Users are able to authenticate with ACS 5.4 server even in authentication log it is showing configured DACL is getting applied but applied acl is not taking effect on user i.e we have confgured some restrictions in DACL still user is able to access everything.

Attache is the screenshot of passd authentication with DACL.

Need assistance for the same.

Jatin Katyal · ‎07-02-2013

The screen shot shows that DACL being pushed from the ACS. I'd like to check if you've "AAA OVERRIDE" option enabled under WLC > WLAN > edit > Advanced > AAA Override.

~BR
Jatin Katyal

**Do rate helpful posts**

~Jatin

yusuf.ujjainwala · ‎07-02-2013

Yes AAA Override option is already selected in WLC.

Jatin Katyal · ‎07-02-2013

Yusuf,

Please verify if you've configured in the same way.

Policy Elements > Network Access > Authorization Profile, please use the following configuration:

Dictionary Type: Radius-Cisco Airespace

Attribute name: Airespace-ACL-NAme

Attribute Type: String

Value=ACL-WLC ( This would be the name of the ACL that you've created on the WLC)

ACLs on Wireless LAN Controller Configuration Example

http://www.cisco.com/en/US/tech/tk722/tk809/technologies_configuration_example09186a00807810d1.shtml#conf

~BR
Jatin Katyal

**Do rate helpful posts**

~Jatin

harvisin · ‎07-07-2013

Hello,

May this link will help you:-

http://www.cisco.com/en/US/products/ps9911/products_tech_note09186a0080bb8100.shtml#p40