cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
535
Views
0
Helpful
1
Replies

How to restrict user in vpn remote access using external database in acs4.2

Charles_Chi4
Level 1
Level 1

Hi,

I've got ACS 4.2 windows installed in domain member server n run well. I can authenticate using users in AD. I use this ACS for authenticating user for routers & switches access, VPN access and wireless access.

The question is how could i restrict certain person for VPN acess and routers / switches access? But allowed all users in AD for wireless access?

1 Reply 1

Jagdeep Gambhir
Level 10
Level 10

Charles,

You need to set up NARs to control the device access on the group membership basis.

http://www.cisco.com/en/US/products/sw/secursw/ps2086/products_tech_note09186a0080858d3c.shtml

Now since we are using windows AD, we need to map AD group with specific ACS group.

Example

Wireless Group ACS <----> Wireless group AD

NAR would be configured on ACS wireless group.

Regards,

~JG

Do rate helpful posts.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: