01-11-2010 08:31 AM - edited 03-11-2019 09:55 AM
Hi,
Am trying to undestand if I can use an ASA 5510 to set up firewall policies for AD Groups.
E.g. I have an AD group allowed_users that I want to allow access to the internet.
Can I integrate an ASA with my AD, and then create a Policy that allows this group access to port 80/443 to all external IPs?
I found help on the Cisco Site for Tunnel Groups, but that is not what I want.
Am a newbie/non-technical evaluator and would appreciate any pointers.
TIA
Kar
Jogged this thread on 20 Jan. Hope to receive some expert advise on this now :-)
01-11-2010 08:40 AM
karthik
i dont think you can do it that way - (experts pls correct if im wrong)
are your AD groups on different subnets? if so then you can do it via ACL where you create and access list for the subnet you want to allow all access and then deny the rest
HTH
01-11-2010 08:47 AM
Hi Solpandor,
I cannot use an ACL without a lot of re-design of my networks. I would also have to probably write AD Login scripts to change people's subnet.
Am specifically looking for Frewall Integration with AD.
Thanks
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide