Showing results for 
Search instead for 
Did you mean: 

Configuring Downloadable ACL for VPN Users

Level 1
Level 1

Hello Guys, Could anyone help me?

I am trying to configure a Dynamic ACL for VPN users following the steps of "jrabinow" manual (check the link attached), but it doesn't work and i dont know why?.....

In my case, i have one Firewall ASA configured like a TACACS+ client of my ACS Server and my user database (DB) is configured like internal in this ACS server. When a user (of the internal DB) make a vpn connection, the authentication goes well but the Dynamic ACL never is applied.

i did the following....

1. i created a user attribute to store the DACL name of type string then

2. i checked that the user attribute can be created as a part of each user record, after that

3. i created a authorization profile and i associated the name of attribute created in the step 1 (Common Tasks --> Downloadable ACL Name --> Dynamic --> Internal Users and then

4. i created the "Downloadable ACL" and i set the contents of DACL attribute with the name selected for the Downloadable ACL and after that.

5. i am ready with the configuration??? o what else??

i hope that something is missing in my configuration.


1 Reply 1

Level 1
Level 1


I forgot to say that the ACS server is installed with version 5.1

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: