We are currently using our ACS to authenticate router/switch access using TACACS+, VPN with RADIUS and 802.1x port authentication using RADIUS My question is what is the best way to keep these user groups seperate so a VPN user cant gain access locally thru our 802.1x ports with their VPN name and password.
If a user has a unique configuration requirement, you can make that user a part of a group and set the unique requirements in the User Setup window, or you can assign that user to his or her own separate group.
Learn, share, save
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
