Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
I am working setting up RBAC on my ACE-device. To give a user a specific role one use the Custom attribute "shell:<Context>*<Role> <Domain>".The command is working if I define it directly on the user in adittion using Custom attribute directly. With ...
Hi.I am having trouble getting my ACE 4710 (A3(2.0) Build 3.0) to cooperate with my Cisco Secure ACS-server. In the same environment I have it working on my ACE Module, with the same configuration.ACE 4710:tacacs-server host 10.7.50.20 key 7 "fewhg"a...
I am looking to solve a design which has to work in two scenarios. Preferably with an in-line solution. 1. Transparent design with VRF on both sides: FW-VRF (Subnet A) | | (VLAN 11) | ACE (Subnet A) | | (VLAN 12) |LAN-VR...
Hi.I am setting up a testlab for ACE loadbalancing and need to test functionality on both the ACE module and the 4710 appliance.Can one of each of these two be set up redundant together with full functionality? Or do I have to test redundancy for 2x ...
Hi Christopher and thanks for the responce!I have allready tried as you asked and do manage to log inn with the correct role using the Custom Attriute directly on the user. The problems I am facing are generally two:I have experiences that setting a...
I'm gonna expand my question a bit as I can not seem to get a working config in scenario 1. From the ACE I can ping the VRFs on both side of the ACE. I can on the other hand not ping neither the bvi-address of the ACE nor one VRF from the other. Can ...
That is correct. It is not a one-arm design. All I am saying is that I want to avoid having to use a one-arm design to satisfy both scenarios because the existing topology where scenario 2 is relevant is inefficient. (this is solely on the network I ...
It is to standarize a generic setup to be deployed on several platforms. Some of the platforms have 6500s and some do not. That is why I need to be sure the design works on both on the module and the appliance. The generic model also requires a redun...
