cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
761
Views
0
Helpful
2
Replies

VPN User authorization

talha_490
Level 1
Level 1

Hi,

I have a setup where there are vpn users conecting the network resources through outside. They VPN HeadEnd appliance is ASA. They are getting authenticated through ACS which is integrated through LDAP. Now i want to perform authorization through ACS server to restrict the user access to the resources based on its Need to Know rule. Can i perform Authorization on ACS with authentication on acs through ldap because in this case i donot create local username and password on acs.

2 Replies 2

Tarik Admani
VIP Alumni
VIP Alumni

Yes you can will create a authorization profile under you policy elements which will contain the "need to know rule", then you will retrieve the group in your ldap settings, directory attributes and select the group after you search for it.

Finally create a access policy, that will contain the authorization profile, the ldap container. Keep in mind you will have to customize this option to active the policy elements you wish to map.

Thanks,

Tarik

Do you have any document which can help us