Chapter 4 Common Scenarios Using ACS

VPN Remote Network Access

Configuring an Authorization Policy for Host Lookup Requests

To configure an authorization policy for Host Lookup requests:

Step 1 Choose Access Policies > Access Services > <access_servicename> > Authorization.

See Configuring a Session Authorization Policy for Network Access, page 10-29, for details.

Step 2 Select Customize to customize the authorization policy conditions.

A list of conditions appears. This list includes identity attributes, system conditions, and custom conditions.

See Customizing a Policy, page 10-4, for more information.

Step 3 Select Use Case from the Available customized conditions and move it to the Selected conditions.

Step 4 Select Authorization Profiles from the customized results, move it to the Selected conditions, and click OK.

Step 5 In the Authorization Policy Page, click Create.

a. Enter a Name for the rule.

b. In the Conditions area, check Use Case, then check whether the value should or should not match.

c. Select Host Lookup and click OK.

This attribute selection ensures that while processing the access request, ACS will look for the host and not for an IP address.

d. Select an Authorization Profile from the authorization profiles and move it to the Selected results column.

e. Click OK.

Step 6 Click Save Changes.

Related Topic

Managing Access Policies, page 10-1

VPN Remote Network Access

A remote access Virtual Private Network (VPN) allows you to connect securely to a private company network from the public Internet. You could be accessing your company’s network from home or elsewhere. The VPN is connected to your company’s perimeter network (DMZ). A VPN gateway can manage simultaneous VPN connections.

Related Topics

Supported Authentication Protocols, page 4-21

Supported Identity Stores, page 4-21

Supported VPN Network Access Servers, page 4-22

Supported VPN Clients, page 4-22

Configuring VPN Remote Access Service, page 4-22

 

User Guide for Cisco Secure Access Control System 5.3

4-20

OL-24201-01
