Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
564
Views
0
Helpful
1
Replies

ASA AnyConnect Connection Profiles with RADIUS, restrict access

tgregorics
Level 1
Level 1

‎02-11-2016 01:51 AM - edited ‎03-10-2019 11:28 PM

Hi,

We have a working setup of ASA AnyConnect with RADIUS authentication. The RADIUS server is an NPS running on Windows.

We need to be able to restrict users to separate connection profiles (or group policies), via RADIUS and windows AD groups. I think we can do this with radius attribute 25.

My question: if a user must have access to multiple connection profiles/group policies, how can we solve it? I think, NPS would match the first network policy with the AD group membership and would return only one attribute 25.

Thank you.

Labels:
0 Helpful
1 Reply 1

tgregorics
Level 1
Level 1

‎02-11-2016 05:19 AM

Solved the problem by using DAP and LDAP authentication servers instead of RADIUS/NPS.

Although, I still would be interested in a solution for when using RADIUS authentication.

0 Helpful
Customers Also Viewed These Support Documents