Don't know if you have sorted this already?
This might help you on the way to sorting this problem.
http://www.cisco.com/en/US/products/sw/iosswrel/ps1835/products_configuration_guide_chapter09186a00800ca7b4.html
Also have a look at the Cisco PIX firewall and VPN configuration guide / configuring radius authorization section
Hope this is useful
Regards
Martin
Alan DeKok wrote:
"Saunders, Shawn" <[EMAIL PROTECTED]> wrote:
I would like to configure Freeradius to house the DACLs as the department
that directly manages our PIX will not put them on the PIX. But they will
point the PIX to our RADIUS server for authentication of VPN sessions.
You need to consult your PIX documentation to see how it expects to receive the DACL's from the RADIUS server. Once you know that, the configuration of FreeRADIUS should become much more obvious.
I would also like on some users to be able to limit the machines they have
access to (on our internal network) from their VPN connection.
RADIUS doesn't do that, the PIX does.
I am new to this list and freeradius, sorry for the lack of info in the
previous post. I would appreciate some advise, if you need additional info,
constructive questions of what type of information would be helpful.
First decide what information the PIX needs, and in what format. Then, configure FreeRADIUS to send that information.
If you're trying to configure FreeRADIUS without knowing what the PIX needs, you will *never* make it work.
Alan DeKok.
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
