01-23-2014 06:41 AM - edited 03-10-2019 09:19 PM
Hello,
in ACS there is a configuration with radius request "simulataneous login=1". If I hold a vpn session for a time x another user (X) can login with the same user data during the connection. After user (X) is connected and my active session was canceled (by another user). The active session changed to user (X).
In ACS I give authentication request "Radius Cisco VPN3000/ASA/PIX7.xSimultaneous-Logins=1". Is there a way to deny the connection for user (X) during an existing vpn session? What is the option or request in ACS?
Thx for help!
01-23-2014 12:22 PM
Hi,
You have an option on the ASA itself to prevent this by using "vpn-simultaneous-logins" under the group-policy assigned to the tunnel group or the username.
You can configure it to have 1,2,3, or more session per username.
Thanks.
Sent from Cisco Technical Support iPad App
01-27-2014 12:30 AM
Thx for your answer!
By this option the user takes away its own existing session f.e. from another PC. That should not happen...
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide