cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

This community is for technical, feature, configuration and deployment questions.
For production deployment issues, please contact the TAC! We will not comment or assist with your TAC case in these forums.
Please see How to Ask the Community for Help for other best practices.

118
Views
0
Helpful
1
Replies
Larry Smith
Beginner

ASA remote access authentication

Hello,

Is there a way to configure an ASA to dynamically assign different aaa-server groups based on AD group memberships of users trying to authenticate?

I don't seem to see a way to do this using DAP, could this be done with LDAP mappings?

 

Thanks in advance.

1 REPLY 1

Hi Larry,

 

You can map AD group memberships to specific group policies on the ASA, you can find that configuration here:

 

- http://www.cisco.com/c/en/us/support/docs/security/asa-5500-x-series-next-generation-firewalls/91831-mappingsvctovpn.html

 

Let me know if further assistance is required!

 

Please proceed to rate and mark as correct the helpful Post!

 

David Castro,

 

Regards,

Create
Recognize Your Peers
Content for Community-Ad

ISE Webinars


Miss a previous ISE webinar?
Never miss one again!

CiscoISE on YouTube