cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
629
Views
0
Helpful
1
Replies

How to restrict user in vpn remote access using external database in acs4.2

Charles_Chi4
Level 1
Level 1

Hi,

I've got ACS 4.2 windows installed in domain member server n run well. I can authenticate using users in AD. I use this ACS for authenticating user for routers & switches access, VPN access and wireless access.

The question is how could i restrict certain person for VPN acess and routers / switches access? But allowed all users in AD for wireless access?

1 Reply 1

Jagdeep Gambhir
Level 10
Level 10

Charles,

You need to set up NARs to control the device access on the group membership basis.

http://www.cisco.com/en/US/products/sw/secursw/ps2086/products_tech_note09186a0080858d3c.shtml

Now since we are using windows AD, we need to map AD group with specific ACS group.

Example

Wireless Group ACS <----> Wireless group AD

NAR would be configured on ACS wireless group.

Regards,

~JG

Do rate helpful posts.