cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
739
Views
0
Helpful
4
Replies

ACS 5.3 - Unable to properly import IP ranges (AAA Clients)

richard.dean
Level 1
Level 1

I have multiple AAA Clients that I need to add. The way I manage the clients, I often make changes of moving IPs from one group to another. I require that all clients use "IP Ranges". I try import the following IPs (8.8.8.1;8.8.8.3;8.8.8.9-10;8.8.8.25) I need them all to be ranges, but what happens is after I import it, I then go to that AAA Client, it makes them all "IP Range(s) By Mask" and siplays it like this:

--- IP --------- Mask

8.8.8.1         /32

8.8.8.3         /32

8.8.8.9-10   

8.8.8.25       /32

Now if I need to add another range, I can't as "IP Range(s) By Mask" is selected. If I try to click on "IP Ranges" I get an error that says I can;t switch from IP Mask mode to IP Range mode.

If I click on "Help", that doesn;t help as the example has commas not semi colons, and it will not import. and it has extra commas for no reason.

Some examples of entering IP address ranges are:

A single range—10.77.10.1-10,,,, 192.120.10-12.10

Multiple ranges—10.*.1-20.10, 192.1-23.*.100-150

Exclusions from a range—10.10.1-255.* exclude 10.10.10-200.100-150

Right now I have to create each entry manually and add each IP one at a time, or ranges at a time. After Submitting, I can edit the entry and add another range if I want as it will stay "IP Ranges".

Anyone know of a solution to this?

4 Replies 4

Saurav Lodh
Level 7
Level 7

Please refer to “Network Devices and AAA Clients ” section of the following link , it may help you.

http://www.cisco.com/en/US/docs/net_mgmt/cisco_secure_access_control_system/5.3/user/guide/net_resources.html

jrabinow
Level 7
Level 7

I was able to do this in ACS 5.4 by using following definiition in import file

8.8.8.1/32;8.8.8.3/32;8.8.8.9-10/32;8.8.8.25/32

Note I don't the option ""IP Range(s) By Mask" in the GUI but do see that IP ranges is enabled after I do this operation

jrabinow,

I have tried that too, still doesn't work. This is what happens.

The red arrow is what I want. I need ranges.

If I try to add a new range at this point I am not allowed to put a dash in the IP field, so no more ranges.

What if you choose the IP Range(s) before importing the file then add one dummy entry. After that try importing the file.

Will that help?

Regards,

Amajd

Rating useful replies is more useful than saying "Thank you"

Rating useful replies is more useful than saying "Thank you"
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: