01-19-2022 06:36 AM
Not sure if this is the right place to ask this but here we go - is it possible or does cisco have a way to setup some sort of ACL or something that allows a user to access a device on a different subnet based on user account instead of ip? trying to eliminate the use of static ip (was my first choice) on ACL and checking if there is something that can validate the user and allow the user access?
Solved! Go to Solution.
01-19-2022 07:11 AM
as mentioned until the end device have capable to do so, if not it is not possible.
yes that is only best option i see for the user to get static IP and allow only required IP in the ACL.
or wait for other members suggestions (happy to learn here if something new come an idea).
01-19-2022 06:44 AM
YES and NO depends on the device configured and using Radius / TACACS for user authentication, then you can setup Radius/TACACS allow
01-19-2022 06:49 AM
SO we have some security devices (camera centralize management) that some users require access to, but, users dont have static IP's so that limits me to opening ACL to entire subnet vs allowing only the required user access to the web interface to the management page. i was hoping that there was something that could authenticate or confirm access to VLan base on roles or something...
01-19-2022 07:11 AM
as mentioned until the end device have capable to do so, if not it is not possible.
yes that is only best option i see for the user to get static IP and allow only required IP in the ACL.
or wait for other members suggestions (happy to learn here if something new come an idea).
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide