cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1301
Views
0
Helpful
1
Replies

VPN3000, Certificates and ACS

berndtonn
Beginner
Beginner

Hello,

we are using digital certificates to authenticate client PCs and Routers to access our VPN 3000.

1) How can we use CiscoSecure ACS (CS Unix 2.3 or CS NT 2.6 or CS NT 3.0) to do accounting ? Do we have to configure each user and group in addition to the information already stored in the certificates in the CA server (Netscape CMS) ?

2) How can we use CiscoSecure ACS to do authorization ?

Any hints would be appreciated.

Thank you very much,

Bernd

1 REPLY 1

paqiu
Beginner
Beginner

Hi Bernd,

Using certifercate will not have confict with using ACS AAA stuff.

Because certifercate is in phase 1 IASKMP (group authentication phase) and ACS is in user authentication, authorization and accouting (Xauth).

Here is the link for that: (authentication and accouting)

http://www.cisco.com/warp/customer/707/CiscoSecure.html

Authorization: (filter assignment from ACS)

http://www.cisco.com/warp/customer/471/filter.html

more deatils please see "VPN 3000 Concentrator with AAA" part:

http://www.cisco.com/warp/customer/707/index.shtml#vpn3000

Best Regards,

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: