I am trying to use Cisco’s ACS to send Downloadable ACL’s to VPN clients. I have a LOT of clients and a few hundred with specific IP requirements.
What I am trying to find out is:
When using groups, will ACS merge the ACL’s or send multiple ACL’s to a single client whom logs on?
That way, I can nest my rules as so:
2-3 Users Requiring a Single Server
Department Requiring Specific access
Business Unit’s Access Requirements
Corporate Wide Access Requirements
That way, I don’t have to rewrite the group rules for small groups that also need the access of the larger group’s permissions.
