4-20
User Guide for Cisco Secure Access Control System 5.4
OL-26225-01
Chapter4 Common Scenarios Usin g ACS
VPN Remote Network Access

Configuring an Authorization Policy for Host Lookup Requests

To configure an authorization policy for Host Lookup requests:
Step1 Choose Access Policies > Access Services > <access_servicename> Authorization.
See Configuring a Session Authorization Policy for Network Access, page 10-30, for details.
Step2 Select Customize to customize the authorization policy conditions.
A list of conditions appears. This list includes identity attributes, system conditions, and custom
conditions.
See Customizing a Policy, page10-4, for more information.
Step3 Select Use Case from the Avail abl e customized conditions and move it to the Selected conditions.
Step4 Select Authorization Profiles from the customized results and move it to the Selected conditions and
click OK.
Step5 In the Authorization Policy Page, click Create.
a. Enter a Name for the rule.
b. In the Conditions area, check Use Case, then check whether the value should or should not match.
c. Select Host Lookup and click OK.
This attribute selection ensures that while processing the access request, ACS will look for the host
and not for an IP address.
d. Select an Authorization Profile from the authorization profiles and move it to the Selected results
column
e. Click OK.
Step6 Click Save Changes.
Related Topic
Managing Access Policies, page 10-1
VPN Remote Network Access
A remote access Virtual Private Network (VPN) allows you to connect securely to a private company
network from a public Internet. You could be accessing your company’s network from home or
elsewhere. The VPN is connected to your company’s perimeter network (DMZ). A VPN gateway can
manage simultaneous VPN connections.
Related Topics
Supported Authentication Protocols, page 4-21
Supported Identity Stores, page4-21
Supported VPN Network Access Servers, page 4-22
Supported VPN Clients, page 4-22
Configuring VPN Remote Access Service, page 4-22