cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
245
Views
0
Helpful
2
Replies
Highlighted
Beginner

Separate Inbound/Outbound Auth

Is it possible to configure separate inbound and outbound passwords in ACS 2.4 (TACACS+)?

2 REPLIES 2
Highlighted
Explorer

What do you mean by inbound or outbound? You mean if your users are coming in via a NAS or going out via the LAN/WAN? Describe your topology and what you are trying to accomplish more accurately.

Highlighted

We wish to restrict specific users LAN outbound Internet access while at the same time allow the same users inbound access to our mail server via a web browser. Our thinking was to use the same ACS account configured with separate inbound and outbound passwords and not give the user the outbound password. I've since discovered this currently can't be accomplish in ACS. However, Cisco suggested configuring the Cisco IOS Authentication Proxy feature that provides dynamic per-user authentication and authorization. I think we'll go that route. Thanks for your input.