cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
466
Views
5
Helpful
1
Replies

Restrict user to a specific source address

alittlefield
Level 1
Level 1

Is it possible to restrict a user to a specific ip address via the acs appliance, running v3.3? I have a user that I want to allow but only want him sourcing from one address.

1 Reply 1

darpotter
Level 5
Level 5

Hi

Yes this is possible using Network Access Restrictions. Assuming that its a telnet login to an IOS device being authenticated by TACACS+

Either in the users group (or users own db record) you create an IP Based NAR. Make the type "Permint" then add a row:

AAA Client: All Clients

Port: *

Address:

Then add the row, you might see somethling like

All Client * 192.158.254.1

Hope that helps

Darran