Creating and storing troubleshooting information for providing access
control information to a network device involves receiving a provisioning
of access control lists (ACLs), and associations of the ACLs to users of
the device.
During authentication of a user login, a name of a first ACL is provided to
the device, selected from among the ACLs based on the associations. A
request is received from the device for a first ACL that is associated
with a user of the device. The request includes the name of the ACL. The
first ACL is sent to the network device in response to the request.
Embodiments may use RADIUS for communicating ACLs from an authentication
server to a firewall. A de-fragmentation approach enables downloading
ACLs that exceed the maximum RADIUS packet size. Using an ACL renaming
approach, the firewall updates its cache when a user subsequently logs in
and the corresponding ACL has changed.
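
The flow described above, as an added sketch that is not taken from the
patent or from any product: the server returns only an ACL name at login,
the firewall fetches the ACL by name in fragments, and a rename on change
forces a cache refresh. The class names, the hash-suffix naming scheme, the
MAX_CHUNK budget and the in-process calls standing in for RADIUS exchanges
are all assumptions.

```python
import hashlib

MAX_CHUNK = 64  # assumed per-reply payload budget (real RADIUS packets cap at 4096 octets)

class AuthServer:
    def __init__(self):
        self.acls = {}      # base name -> list of ACL lines
        self.user_acl = {}  # user -> base name

    def provision(self, base, lines, users):
        self.acls[base] = list(lines)
        for user in users:
            self.user_acl[user] = base

    def versioned_name(self, base):
        # Renaming (assumed scheme): the advertised name changes with the content.
        body = "\n".join(self.acls[base]).encode()
        return f"{base}-{hashlib.sha256(body).hexdigest()[:8]}"

    def login(self, user):
        # At authentication only the ACL name goes to the device.
        return self.versioned_name(self.user_acl[user])

    def fetch(self, name, offset=0):
        # Return one fragment and the next offset (None once complete).
        base = name.rsplit("-", 1)[0]
        if base not in self.acls or self.versioned_name(base) != name:
            raise KeyError(name)  # unknown or superseded name
        lines, out, size, i = self.acls[base], [], 0, offset
        while i < len(lines) and (not out or size + len(lines[i]) <= MAX_CHUNK):
            out.append(lines[i])
            size += len(lines[i])
            i += 1
        return out, (i if i < len(lines) else None)

class Firewall:
    def __init__(self, server):
        self.server, self.cache, self.requests = server, {}, 0

    def user_login(self, user):
        name = self.server.login(user)
        if name not in self.cache:      # miss: first use, or ACL was renamed
            lines, offset = [], 0
            while offset is not None:   # reassemble the fragments in order
                self.requests += 1
                part, offset = self.server.fetch(name, offset)
                lines += part
            self.cache[name] = lines
        return self.cache[name]
```

Superseded names stay in the firewall cache in this sketch; a real device
would also need an eviction policy for them.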