
ACS 5.4 drop authentication attempt rule

I want to create a rule in ACS that will drop authentication attempts from a certain IP address so that it will force the device to move to its secondary auth server.

I used to create a dead route on the server when we had it running on 3.3, and I'm wondering if there's a better way to do this with the new ACS policy-based rules. Any ideas, pointers, etc. would be greatly appreciated.

Regards

1 REPLY

Paul,

Create a rule-based identity section under access service.

Create the first rule and use an IP address-based condition (I am not sure which IP address you are looking for, the client's or the device's). Set the result to a DB that will not authenticate the user successfully, and use the advanced options there to manipulate the ACS to DROP the request.

Note: this will get replicated to your secondary server if in replication, so you might need to use an additional ACS instance condition in the rule you created.

**Share your knowledge. It’s a way to achieve immortality.
--Dalai Lama**

Please Rate if helpful.
Regards
Ed
