Re: ACS 5.2 Newbe

NAVIN PARWAL · ‎03-15-2012

Folks,

I am trying to write a policy that involves 3 things

1) Ip address of the controller

2) Identity method

3) Authentication type

Can someone guide me in the right direction on how about doing such a policy in ACS 5.2.

I do not know what fields to pick on ACS to write different policies involving these 3 attributes.

Thanks,

Parwal

Scott Fella · ‎03-15-2012

Can you be more specific on #2 and #3.

Thanks,

Scott Fella

Sent from my iPhone

-Scott
*** Please rate helpful posts ***

NAVIN PARWAL · ‎03-16-2012

Scott,

I would like to write a policy on my ACS 5.2 that considers the controller the request is coming from and in addition to that considers the following:

2) Identity: Internal User or NAC profiler or Certificate profile

3) Eap Authentication method: Eap-Fast, Leap

Can you point me in the right direction.

Parwal

Scott Fella · ‎03-17-2012

Well you have to be more specific with your policies. For example, identity would be one of the following: AD user, internal ACS accounts, etc. for the EAP authentication method, you basically allow only those protocols. If you have one SSID using EAP-Fast and another using LEAP, then you would need to create two Network Access Policies. I really still don't know what your design is and that is why I'm throwing out some examples. The ACS Configuration Guide is a good reference.

Thanks,

Scott Fella

Sent from my iPhone

-Scott
*** Please rate helpful posts ***