Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1414
Views
0
Helpful
2
Replies

Downloadable ACL for VPN Users. ACS 4.1 & 1841 Router

Go to solution
central_bank
Level 1
Level 1

‎03-07-2011 01:57 AM - edited ‎03-10-2019 05:53 PM

Hi,

I have configured 1841 router as VPN server. All VPN users are getting authenticated using radius in ACS 4.1

I need to apply per-user downloadable ACL.

I have configured ACS for the Downlodabale ACL. Even ACS report acivity shows that ACL is applied to the authenticated user, but the traffic is not blocked or passed accordingly.

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Bastien Migette
Cisco Employee
Cisco Employee

‎03-09-2011 01:55 AM

What is your configuration ?

I think the most easiest way to do it is to use IPSEC VTI interfaces, along wiht aaa authorization network and on the radius server, use ip:inacl in the cisco av-pair, like

ip:inacl#1=permit tcp any any eq 80

ip:inacl#2=permit tcp any any eq 443

...

Some documentation:

http://www.cisco.com/en/US/docs/ios/12_3t/12_3t14/feature/guide/gtIPSctm.html#wp1090634

View solution in original post

0 Helpful
2 Replies 2

Go to solution
Bastien Migette
Cisco Employee
Cisco Employee

‎03-09-2011 01:55 AM

What is your configuration ?

I think the most easiest way to do it is to use IPSEC VTI interfaces, along wiht aaa authorization network and on the radius server, use ip:inacl in the cisco av-pair, like

ip:inacl#1=permit tcp any any eq 80

ip:inacl#2=permit tcp any any eq 443

...

Some documentation:

http://www.cisco.com/en/US/docs/ios/12_3t/12_3t14/feature/guide/gtIPSctm.html#wp1090634

0 Helpful

Go to solution
central_bank
Level 1
Level 1
In response to Bastien Migette

‎03-10-2011 03:52 AM

Hi,

Thanks for your reply.

Soution given by you works......:-)

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents