cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements
Announcements
Choose one of the topics below to view our ISE Resources to help you on your journey with ISE

This community is for technical, feature, configuration and deployment questions.
For production deployment issues, please contact the TAC! We will not comment or assist with your TAC case in these forums.
Please see How to Ask the Community for Help for other best practices.

479
Views
0
Helpful
4
Replies
Beginner

ACS 5.3 - Unable to properly import IP ranges (AAA Clients)

I have multiple AAA Clients that I need to add. The way I manage the clients, I often make changes of moving IPs from one group to another. I require that all clients use "IP Ranges". I try import the following IPs (8.8.8.1;8.8.8.3;8.8.8.9-10;8.8.8.25) I need them all to be ranges, but what happens is after I import it, I then go to that AAA Client, it makes them all "IP Range(s) By Mask" and siplays it like this:

--- IP --------- Mask

8.8.8.1         /32

8.8.8.3         /32

8.8.8.9-10   

8.8.8.25       /32

Now if I need to add another range, I can't as "IP Range(s) By Mask" is selected. If I try to click on "IP Ranges" I get an error that says I can;t switch from IP Mask mode to IP Range mode.

If I click on "Help", that doesn;t help as the example has commas not semi colons, and it will not import. and it has extra commas for no reason.

Some examples of entering IP address ranges are:

A single range—10.77.10.1-10,,,, 192.120.10-12.10

Multiple ranges—10.*.1-20.10, 192.1-23.*.100-150

Exclusions from a range—10.10.1-255.* exclude 10.10.10-200.100-150

Right now I have to create each entry manually and add each IP one at a time, or ranges at a time. After Submitting, I can edit the entry and add another range if I want as it will stay "IP Ranges".

Anyone know of a solution to this?

4 REPLIES 4
Highlighted
Rising star

ACS 5.3 - Unable to properly import IP ranges (AAA Clients)

Please refer to “Network Devices and AAA Clients ” section of the following link , it may help you.

http://www.cisco.com/en/US/docs/net_mgmt/cisco_secure_access_control_system/5.3/user/guide/net_resources.html

Rising star

ACS 5.3 - Unable to properly import IP ranges (AAA Clients)

I was able to do this in ACS 5.4 by using following definiition in import file

8.8.8.1/32;8.8.8.3/32;8.8.8.9-10/32;8.8.8.25/32

Note I don't the option ""IP Range(s) By Mask" in the GUI but do see that IP ranges is enabled after I do this operation

Beginner

ACS 5.3 - Unable to properly import IP ranges (AAA Clients)

jrabinow,

I have tried that too, still doesn't work. This is what happens.

The red arrow is what I want. I need ranges.

If I try to add a new range at this point I am not allowed to put a dash in the IP field, so no more ranges.

ACS 5.3 - Unable to properly import IP ranges (AAA Clients)

What if you choose the IP Range(s) before importing the file then add one dummy entry. After that try importing the file.

Will that help?

Regards,

Amajd

Rating useful replies is more useful than saying "Thank you"

Rating useful replies is more useful than saying "Thank you"