downloadable acl with asa-acs

i ve a problem configuring downloadabel acl. i use ASA 5510 8.0(3) as security appliance the ACS 4.2 as radius server

in acs- shared profile, i created a "test" acl.

deny ip any host 10.1.3.106 permit icmp any host 10.1.50.1

there is a "user unknown policy" which forward to a rsa token server

in the user and also group config, i assigned the downloadable acl.

on the asa :

access-list test extended deny ip any any log debugging access-list test extended deny icmp any any log debugging access-group test in interface outside per-user-override

i cheked in the asa command line configration guide and in the acs manual but it seems that i miss something.

maybe i have to configure some specific radius attriubtes ?

please help me

Reply to
nini
Loading thread data ...

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.