cancelar
Mostrando los resultados de 
Buscar en lugar de 
Quiere decir: 
cancel
451
Visitas
0
ÚTIL
0
Respuestas

For RA VPN connections, how to control access to resources only with Group Policies?

Hello everyone:

I have the following scenario. I have configured RA VPN on an ASA5516-X with Firepower services v6.4.0.4 (Build 34) managed with FDM.

There are three groups of users (Group A, Group B and Group C). For each of them, I have configured a Group Profile associated with a different Group Policy that allows access to different network resources. So Group A users cannot access Group B or Group C resources and vice versa.

Users can establish connection by selecting their own profile in AnyConnect client and accessing its resources. However, for example, a user from Group B can select Profile A and when authenticating they can also access the resources of Group A, this is not what is desired.

The users are created locally on the ASA, we do not have an LDAP or RADIUS server.

What additional configuration could you make to prevent this from happening, that is, each group of users accessing only their resources and no others?

 

I appreciate your suggestions.

0 RESPUESTAS 0
Crear
Reconozca a un colega
Content for Community-Ad