Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
684
Views
0
Helpful
1
Replies

Configuring Downloadable ACL for VPN Users

cesarpuga
Level 1
Level 1

‎10-05-2011 07:04 AM - edited ‎03-10-2019 06:27 PM

Hello Guys, Could anyone help me?

https://supportforums.cisco.com/message/3049535#3049535


I am trying to configure a Dynamic ACL for VPN users following the steps of "jrabinow" manual (check the link attached), but it doesn't work and i dont know why?.....

In my case, i have one Firewall ASA configured like a TACACS+ client of my ACS Server and my user database (DB) is configured like internal in this ACS server. When a user (of the internal DB) make a vpn connection, the authentication goes well but the Dynamic ACL never is applied.


i did the following....

1. i created a user attribute to store the DACL name of type string then

2. i checked that the user attribute can be created as a part of each user record, after that

3. i created a authorization profile and i associated the name of attribute created in the step 1 (Common Tasks --> Downloadable ACL Name --> Dynamic --> Internal Users and then

4. i created the "Downloadable ACL" and i set the contents of DACL attribute with the name selected for the Downloadable ACL and after that.

5. i am ready with the configuration??? o what else??


i hope that something is missing in my configuration.


Thanks,

Labels:
0 Helpful
1 Reply 1

cesarpuga
Level 1
Level 1

‎10-05-2011 09:25 AM

Hello,

I forgot to say that the ACS server is installed with version 5.1

0 Helpful
Customers Also Viewed These Support Documents