I can't comment on this as all our equipment is 12.4T or above.
Regards, Tyson Scott - CCIE #13513 R&S, Security, and SP Managing Partner / Sr. Instructor - IPexpert, Inc. Mailto: [email protected] Telephone: +1.810.326.1444, ext. 208 Live Assistance, Please visit: www.ipexpert.com/chat eFax: +1.810.454.0130 IPexpert is a premier provider of Self-Study Workbooks, Video on Demand, Audio Tools, Online Hardware Rental and Classroom Training for the Cisco CCIE (R&S, Voice, Security & Service Provider) certification(s) with training locations throughout the United States, Europe, South Asia and Australia. Be sure to visit our online communities at www.ipexpert.com/communities and our public website at www.ipexpert.com <http://www.ipexpert.com/> From: [email protected] [mailto:[email protected]] On Behalf Of Bruno Sent: Wednesday, August 18, 2010 8:20 PM To: CCIE Security Maillist Subject: [OSL | CCIE_Security] NAC L2-IP on switches under 12.3 Hi guys, I have been trying to have the DACLs downloaded from ACS server but no success so far. I read that IOS under 12.3 the Downloadable ACLs does not work but I also read it could be done using aaa authorization auth-proxy instead. Using the auth-proxy I went to RAC and added there a cisco-av-pair saying "auth-proxy:proxyacl#1=permit ip any any" but it didn't work Is there any light on this? Am I doing something wrong? I got everything working, posture tokens, CTA messages and NAP but it is falling on DACLs -- Bruno Fagioli (by Jaunty Jackalope) Cisco Security Professional
_______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com
