A month ago, I had a post about getting MAC filtering to work locally on a PIX 501. I finally figured it out. However, now I have the same problem again, but this time I'm using EasyVPN, and the lines that blocked access to the network now break the EasyVPN client connection to the EasyVPN server. The lines that worked on the Dynamic IPSEC were:
---------------------------------------------------
aaa-server AuthInbound protocol radius
aaa-server AuthInbound (inside) host XX.XX.XX.XX TheUauthKey
aaa-server AuthOutbound protocol radius
aaa-server AuthOutbound (inside) host XX.XX.XX.XX TheUauthKey
aaa authentication include tcp outside 0 0 0 0 TACACS+
aaa authentication include tcp inside 0 0 0 0 TACACS+
mac-list allowed permit 00xx.xxxx.xxxx ffff.ffff.ffff
aaa mac-exempt allowed
----------------------------------------------------
Two of the lines above break the EasyVPN connection:
aaa authentication include tcp outside 0 0 0 0 TACACS+
aaa authentication include tcp inside 0 0 0 0 TACACS+
I don't have a TACACS+ server, which shouldn't matter if I'm using a mac-exempt list. I'm only using this to write a mac-exempt list for every authorized machine connected to the PIX. I cannot find ANY documentation telling me how to do this.
How can I get EasyVPN client on a PIX 501 to successfully block MAC addresses?
Shon
Network Administrator