Solved: Cisco ASA and downlodable acl problem

sandeep.waghchoure · ‎12-29-2011

HI,all

Can somebody shed some light on how to configure ACS for downloading user base acl.

We have used TACCAS for remote access user authentication.

Do I required any config on ASA or i have to just configure Policy element /authorisation profile and bind that profile with user?

thanks in advance

camejia · ‎12-29-2011

Configuration Example.

View solution in original post

camejia · ‎12-29-2011

Hello Sandeep,

First of all, if you are using TACACS+ for VPN Remote Access then Downloadable ACL's are not supported. You might need to change the ASA configuration to use RADIUS as the authentication protocol instead.

I am attaching a configuration example to this post.

Hope this helps.

Regards

camejia · ‎12-29-2011

Configuration Example.

sandeep.waghchoure · ‎01-02-2012

Dear Carlos,

Thanks for reply.

That mean i have to change authentication method RADIUS for remot access vpn users and also I have to use radius for authorizaton.

camejia · ‎01-03-2012

Hello Sandeep,

You are right. RADIUS includes Authentication/Authorization on the same packet which causes the authentication response from the RADIUS server to include the Authorization Attributes as well.

Regards.