ACS Location Access Control.. How?

rfc791-cisco
Level 1

I have spent 2 days trying to get location-based access working and can't figure it out. I have ACS 5.2 installed.

My setup is as follows.

6 Locations

2-3 Administrators per location then 3 Administrators for all locations. 

We want to grant access by Location of the Device to AD Accounts. Then we want 3 Admins to have access to all Locations.

I have been testing with Riverbeds using TACACS and can get a user working, but once I have another user from the All Access group they don't work. I get a 22056 Error.

Anyone have something like this working and would not mind explaining to me how to use this convoluted product?

1 Reply

Nicolas Darchis
Cisco Employee

How about something like this?

If device.location=location1 and if user belongs to group x,y, or z then grant access

If device.location=location and if user belongs to group x only then grant access

In all other cases deny access.

You can use user groups or usernames directly depending on the similarities between users and what's easiest.
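
The rule layout suggested in the reply above, modelled as a first-match table with a default deny and an audit that checks it against the intended policy. This is an added example, not part of the original thread and not ACS configuration syntax; the site names, the AD group names and the `authorize`/`audit` helpers are assumptions made for illustration.

```python
# Illustrative model of a first-match authorization rule table (not ACS syntax).
# Location names and AD group names below are constructed for the example.
from dataclasses import dataclass

@dataclass(frozen=True)
class Rule:
    name: str
    location: str        # device location the rule applies to
    groups: frozenset    # AD groups allowed at that location

GLOBAL_ADMINS = "NetAdmins-All"                 # hypothetical all-locations group
LOCATIONS = [f"Site{n}" for n in range(1, 7)]   # the six locations

# One rule per location: the site's own admin group OR the all-locations group.
RULES = [Rule(f"{loc}-admins", loc, frozenset({f"NetAdmins-{loc}", GLOBAL_ADMINS}))
         for loc in LOCATIONS]

def authorize(device_location, user_groups, rules=RULES):
    """Return (decision, rule name). First matching rule wins; default is deny."""
    for rule in rules:
        if rule.location == device_location and rule.groups & set(user_groups):
            return "permit", rule.name
    return "deny", "default"

def audit(rules=RULES):
    """Check the table against the intended policy; return a list of violations."""
    problems = []
    for loc in LOCATIONS:
        # The all-locations admins must be permitted on every site's devices.
        if authorize(loc, [GLOBAL_ADMINS], rules)[0] != "permit":
            problems.append(f"global admin denied at {loc}")
        # A site's admins must be permitted at their own site and nowhere else.
        for other in LOCATIONS:
            decision = authorize(other, [f"NetAdmins-{loc}"], rules)[0]
            expected = "permit" if other == loc else "deny"
            if decision != expected:
                problems.append(f"NetAdmins-{loc} at {other}: {decision}")
    # A user in no admin group must fall through to the default deny.
    if authorize("Site1", ["Domain Users"], rules)[0] != "deny":
        problems.append("unprivileged user permitted")
    return problems

if __name__ == "__main__":
    print(authorize("Site3", ["NetAdmins-All"]))     # all-locations admin
    print(authorize("Site3", ["NetAdmins-Site2"]))   # admin from another site
    print(audit() or "rule table matches intended policy")
```

Running `audit()` against a table where the all-locations group was left out of the per-site rules reports one violation per site, which is the symptom described in the question.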