Cisco ACS Help

I am new to ACS so my apologies if this is a n00b question or in the documentation, I have viewed the documented but I am not finding how to accomplish what I am trying to accomplish.

I have setup Cisco ACS to authenticate to the external Windows database (Active Directory). I have two domains, Domain A and Domain B. I have domain mappings setup to point ACS to each of the domains and the NT group within each domain with the user accounts I want to authenticate. I want to have some of our network devices to authenticate ONLY against Domain A and some of our network devices to authenticate ONLY against Domain B. I am not certain how to "segment" the network devices in ACS so that they only authenticate against the chosen domain. Right now all devices authenticate against either domain mapping. What is the best way of going about implementing this "segmentation"?

We are on ACS version 4.0. The network devices right now are only Lantronix SCS100 console servers attached to Cisco 1751-V routers. In the future we will have other network devices authenticate here and will have VPN connections terminated on our ASAs authenticate here as well.

Thanks. Robert Phillips, CCNA

Reply to
Robert B. Phillips, II
Loading thread data ...

I don't think this can be done. You authenticate the users against a database Windows/Ciscosecure to give access to devices. The devices don't care where the user autheticates. You can create two groups of users (one for each domaiin) and configure the devices to authenticathe against those groups.


Robert B. Phillips, II wrote:

Reply to

Reply to
Robert B. Phillips, II Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.