cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1073
Views
0
Helpful
2
Replies

ACS - cisco-av-pair

li_xiao_li
Beginner
Beginner

Hi Sir,

I have some doubts about the attribute in ACS: cisco-av-pair. I setup some ACLs in this attribute and hope this attribute can be sent from ACS to my PIX/ASA for future filtering usage if an user passes the first authentication attempt. I found that this attribute can not be installed in the PIX (when I checked the PIX using 'show access-list') even though the user passes the authentication. What is the reason?

2 Replies 2

Eduardo Aliaga
Enthusiast
Enthusiast

ASA do support downloadable access-lists. Old versions of PIX software do it in a different way. Could you please tell us what ASA or PIX version are you using ?

li_xiao_li
Beginner
Beginner

Hello,

I am using ASA8.0 software. I also tried to use 'downloadable ACL' attribute, this attribute does the job as its name says. But cisco-av-pair cannot. Is there another possible reason?

Thanks.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Recognize Your Peers