From: Menga, Justin (Justin.Menga@xxxxxxxxxx)
Date: Tue Nov 20 2001 - 16:13:40 GMT-3
I don't believe you can use a pool from the security server (ACS) with
the PIX. You certainly can with IOS....
Regards
Justin Menga CCIE#6640 CCDP CCNP+Voice+ATM MCSE+I CCSE
Network Solutions Architect
Wireless & E-Infrastructure
Compaq Computer New Zealand
DDI: +64-9-918-9381 Mobile: +64-21-349-599
mailto: justin.menga@compaq.com
web: http://www.compaq.co.nz
-----Original Message-----
From: Gabriele Buratti [mailto:g.buratti@setspa.com]
Sent: Saturday, 17 November 2001 4:37 a.m.
To: ccielab@groupstudy.com
Subject: pix + acs + ipsec + static address
Hi guys,
I'm trying to configure a pix firewall (6.1.1) to accept
incoming
ipsec connections from vpn3000 software client. There is also a acs
(2.6.2)
server authenticating users. Everything works really fine, except for
static ip assignment to a vpn user: I set the address in user parameters
of
acs and the client doesn't look at it.
I found tons of examples on Cisco site regarding my config, but all of
them
did use a ip local pool on pix, so address assignment via radius/tacacs.
Any ideas ? May the vpn client address would be assigned via another
radius
attribute different from that one ?
Thanks in advance
Gabriele
========================================
Gabriele Buratti
SET Telecomunicazioni S.p.A.
Tel +39.02954491.1
Fax +39.02954491.21
CCNP Certified - Security Specialist
e.mail g.buratti@setspa.com ========================================
This archive was generated by hypermail 2.1.4 : Fri Jun 21 2002 - 06:45:19 GMT-3