cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements
368
Views
0
Helpful
0
Replies
Highlighted
Beginner

how to use ACS push authorization for a Anyconnect VPN that terminated on CSR

I am setting up a CSR1000v to provide SSL AnyconnectVPN connection for the user. and using a ACS 5.8 for AAA. I want to use ACS 5.8 to push the vpn policy, such as banner/ip pool/etc.. but it doesn't work. I am using such as webvpn:banner=<xxx>.

the CSR debug and ACS log show the authentication is pass.it looks like problem still on the av-pair.

Does anyone have idea how can I fix this issue?

 

Thanks,

 

Ryan

 

 

May 28 22:35:32 UTC: CRYPTO-SSL-AAA: username: Processing AV
May 28 22:35:32 UTC: CRYPTO-SSL-AAA: Unsupported AV Pair
May 28 22:35:32 UTC: CRYPTO-SSL-AAA: netmask: Processing AV
May 28 22:35:32 UTC: CRYPTO-SSL-AAA: Framed user IP nmask 255.255.252.0
May 28 22:35:32 UTC: CRYPTO-SSL-AAA: route-set: Processing AV
May 28 22:35:32 UTC: CRYPTO-SSL-AAA: Route Set access-list ACL01
May 28 22:35:32 UTC: CRYPTO-SSL-AAA: Route Set Access-list successfully parsed
May 28 22:35:32 UTC: CRYPTO-SSL-AAA: banner: Processing AV
May 28 22:35:32 UTC: CRYPTO-SSL-AAA: Banner <xxxx>! - ACS
May 28 22:35:32 UTC: CRYPTO-SSL-AAA: AAA Authentication Passed!
May 28 22:35:32 UTC: %SSLVPN-5-LOGIN_AUTH_PASSED: vw_ctx: sslvpn-profile-120 vw_gw: sslvpn-policy-120 remote_ip: x.x.x.x user_name: user1, Authentication successful, user logged in

0 REPLIES 0
Content for Community-Ad