Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1011
Views
0
Helpful
1
Replies

Device Grouping with Subnetted IP Address

Go to solution
a.seetharaman
Level 1
Level 1

‎09-30-2004 05:49 AM - edited ‎03-10-2019 01:49 PM

Hi,

we are ACS for TACACS+ authentication.

We have two network in 2 administrative domain with IP address 172.16.0.0/25 and 172.16.128.0/25.

I want to configure authentication policy in such a way that the administrator in one domain will not be able to access the devices of other domain.

In ACS Device group configuration, there is an option of mentioning the Network IP address with wild card mask.

But how we will mention/segregate a network IP address in the form of 172.16.0.0/25 and 172.16.128.0/25.

Regards,

Seetharaman.

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
jhillend
Level 1
Level 1

‎10-01-2004 08:11 AM

You will need to set up two device groups. I recommend that you configure a single NAS in each group using the multi-NAS addressing.

The first NAS should have the following IP address: 172.16.0.1-127

The second NAS should have the following IP address: 172.16.0.129-255

Once these are configured, you can use Network Access Restrictions to limit the access by various users or groups.

Jeff

View solution in original post

0 Helpful
1 Reply 1

Go to solution
jhillend
Level 1
Level 1

‎10-01-2004 08:11 AM

You will need to set up two device groups. I recommend that you configure a single NAS in each group using the multi-NAS addressing.

The first NAS should have the following IP address: 172.16.0.1-127

The second NAS should have the following IP address: 172.16.0.129-255

Once these are configured, you can use Network Access Restrictions to limit the access by various users or groups.

Jeff

0 Helpful
Customers Also Viewed These Support Documents