cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
474
Views
0
Helpful
1
Replies

Why VPN authenticates a local user

Anand Narayana
Level 6
Level 6

HI,

i am using the similar config in my Cisco ASA listed below in the website of the config. in that user marty is a local user name for authenticating the ASA via SSH from LAN, but user marty is also able to login VPN, how do i avoid that MARTY user to deny VPN acces?

my requirement, i should specify a vpn group name eg. anand, & anand only should be allowed for VPN, but he should not be allowed for SSH, vice versa for marty also the same.

http://cisco.com/en/US/products/ps6120/products_configuration_example09186a008060f25c.shtml

1 Reply 1

haroon.shaikh
Level 1
Level 1

You can configure privilege level of the VPN user to as low as possible so even if he logs into ASA using SSH, he cant do much.

Not sure, about the other way around.

* Please rate if it helps