match an Access-lists in Cisco PIX to Radius users
I have a couple of Cisco PIX 515E firewalls, and I have users connection with VPN Clients to the PIX firewalls and they are authecticated bya RadTac Radius server.
I want to restict users from accessing certain ip-addresses (server) on the inside, and this could be done by making an access-list and then the access-list have a acc-id that is matched against the Radius server.
If I had Cisco Secure ACS server then it would be built in in the program, becase what I understand from reading the PIX referens manual, Cisco Secure ACS extracts the ACL ID from the access-list and make a match aginst the user/group policys in the Radius server.
So my question is, can this be done be RadTac server ?
I'll attach the link to PIX Command referns where is stands about this.
The go down to "RADIUS Authorization", there you can find the same thing I describe above.