[c-nsp] Downloadable ACLs without using ACS

Ivor Coons tech at technovoid.com
Thu Nov 20 16:44:43 EST 2008 

James Baker wrote:
> yep; I've used Cistron on BSD as well as MS IAS for AV Pairs with box
> PIX and ASA with zero problems.
>
>
>
>
> -----Original Message-----
> From: cisco-nsp-bounces at puck.nether.net
> [mailto:cisco-nsp-bounces at puck.nether.net] On Behalf Of ghostonthewire
> Sent: Friday, 21 November 2008 6:31 a.m.
> To: Ivor Coons
> Cc: cisco-nsp at puck.nether.net
> Subject: Re: [c-nsp] Downloadable ACLs without using ACS
>
> hi,
>
> Ivor Coons wrote:
>   
>> Does anyone here have experience configuring downloadable ACLs on an 
>> ASA/PIX using freeradius or some other free AAA server? Every search I
>>     
>
>   
>> have done references Cisco's TACACS server as the AAA option. Is it
>>     
> even 
>   
>> possible to use a third party server?
>>     
>
> Not sure about downloadable ACLs, but passing "ip:inacl..." via 
> Cisco-AVPair does the trick for sure. Couple years ago I've successed 
> using PIX with FreeRADIUS for teleworkers' VPN access. Anyway, look 
> through http://tinyurl.com/5gx3qp and try.
> _______________________________________________
> cisco-nsp mailing list  cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
> ----------
>
> The information contained in this e-mail and any attachments is confidential
> and is intended for the attention and use of the named addressee(s) only.
> Any views expressed in this message are those of the individual sender and
> may not necessarily reflect the views of Chelmer Limited.
>
> #####################################################################################
> This e-mail message has been scanned for Viruses and Content and cleared 
> by NetIQ MailMarshal
> #####################################################################################
> _______________________________________________
> cisco-nsp mailing list  cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
>
>
>   
Cool. MS IAS is probably what we will test with. Good to know it works.

Ivor

More information about the cisco-nsp mailing list