RE: ACS 3.1 questions

From: wing_lam@jossynergy.com
Date: Sun Jun 15 2003 - 11:23:49 GMT-3


Thx, MMoniz. If I have two users "cisco", one in AD and one in the local
database but with a different password, can I diversify so that the VPN 3005 will
always refer to AD while routers and remote access servers (2509) will refer
to the local ACS database?

Also, I would like to make sure the VPN 3005 cannot refer to the local database, even
if I delete the user "cisco" in AD (the other "cisco" still exists in the
local database). Can it be achieved? (Actually my task is to make the VPN 3005
unable to refer to the local user database, as by default it seems all clients can
refer to any database configured in the ACS, am I right?)

Thx a lot!
BBD (Big Black Dog)

                                                                                                                                       
                      "MMoniz"
                      <ccie2002@tampabay.rr.com>
                      To: <wing_lam@jossynergy.com>, <ccielab@groupstudy.com>
                      cc:
                      Subject: RE: ACS 3.1 questions
                      06/15/2003 10:12 PM
                                                                                                                                       
                                                                                                                                       

Yes, create different user groups. One to point to local and the other to a
domain controller. Or you can just use
the domain controller directly from the 3005 for authentication. Remember
the 3005 can only use RADIUS, not TACACS,
if you do use the ACS.

-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com]On Behalf Of
wing_lam@jossynergy.com
Sent: Sunday, June 15, 2003 3:40 AM
To: ccielab@groupstudy.com
Subject: ACS 3.1 questions

Hi, Group,

I have a Cisco ACS, version 3.1. It can reference the Windows AD user
database and the local database.

I would like to make certain clients (say the VPN 3005) reference only AD,
while others (say routers and switches) can reference only the local
database. Can this be achieved?

Thx,
BBD (Big Black Dog)



This archive was generated by hypermail 2.1.4 : Fri Jul 04 2003 - 11:10:58 GMT-3