04-28-2009 02:22 AM - edited 03-10-2019 04:27 PM
Hello ,
i have a remote vpn users connecting to our network and one vpn group can access specific servers ( controlled by access-list )and there are authenticated by ACS.
the problem is that in the same vpn group ,some users should be able to access some servers and not all.
for example if i allowed in access list 10 servers to be allowed to access. i need some user to access only 2 servers.
Can this be done by creating account on ACS and restrict the access in the same vpn group?
Thank you and Regards.
04-28-2009 05:30 AM
You can set it up using NAR in ACS.
http://cisco.com/en/US/products/sw/secursw/ps2086/products_tech_note09186a0080858d3c.shtml
Regards,
~JG
Do rate helpful posts
04-28-2009 07:03 AM
Thank you JG for your fast response, i tried NAR to restrict access to network devices that are athenticated by ACS. but is it possible to restrict access to servers (windows /sun...) which are not athenticated by ACS.
Regards,
04-28-2009 09:25 AM
Well for that best it to use downloadable ACL feature in ACS.
Regards,
~JG
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide