Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1640
Views
0
Helpful
1
Replies

VPN3000, Certificates and ACS

berndtonn
Level 1
Level 1

‎07-28-2002 11:18 PM - edited ‎02-21-2020 10:02 AM

Hello,

we are using digital certificates to authenticate client PCs and Routers to access our VPN 3000.

1) How can we use CiscoSecure ACS (CS Unix 2.3 or CS NT 2.6 or CS NT 3.0) to do accounting ? Do we have to configure each user and group in addition to the information already stored in the certificates in the CA server (Netscape CMS) ?

2) How can we use CiscoSecure ACS to do authorization ?

Any hints would be appreciated.

Thank you very much,

Bernd

Labels:
0 Helpful
1 Reply 1

paqiu
Level 1
Level 1

‎07-29-2002 03:30 PM

Hi Bernd,

Using certifercate will not have confict with using ACS AAA stuff.

Because certifercate is in phase 1 IASKMP (group authentication phase) and ACS is in user authentication, authorization and accouting (Xauth).

Here is the link for that: (authentication and accouting)

http://www.cisco.com/warp/customer/707/CiscoSecure.html

Authorization: (filter assignment from ACS)

http://www.cisco.com/warp/customer/471/filter.html

more deatils please see "VPN 3000 Concentrator with AAA" part:

http://www.cisco.com/warp/customer/707/index.shtml#vpn3000

Best Regards,

0 Helpful
Customers Also Viewed These Support Documents