cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

This community is for technical, feature, configuration and deployment questions.
For production deployment issues, please contact the TAC! We will not comment or assist with your TAC case in these forums.
Please see How to Ask the Community for Help for other best practices.

578
Views
0
Helpful
4
Replies

Cisco ASA and downlodable acl problem

HI,all

Can somebody shed some light on how to configure ACS for downloading user base acl.

We have used TACCAS for remote access user authentication.

Do I required any config on ASA or i have to just configure Policy element /authorisation profile  and bind that profile with user?

thanks in advance

1 ACCEPTED SOLUTION

Accepted Solutions

Configuration Example.

View solution in original post

4 REPLIES 4
camejia
Participant

Hello Sandeep,

First of all, if you are using TACACS+ for VPN Remote Access then Downloadable ACL's are not supported. You might need to change the ASA configuration to use RADIUS as the authentication protocol instead.

I am attaching a configuration example to this post.

Hope this helps.

Regards

Configuration Example.

View solution in original post

Dear Carlos,

Thanks for reply.

That mean i have to change authentication method RADIUS for remot access vpn users and also I have to use radius for authorizaton.

Hello Sandeep,

You are right. RADIUS includes Authentication/Authorization on the same packet which causes the authentication response from the RADIUS server to include the Authorization Attributes as well.

Regards.

Content for Community-Ad