Cisco Community
English
Register
Register
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

Dynamic Access Policy (DAP) ACL Aggregation Use Case for SSL VPN

Labels:
5944
Views
0
Helpful
1
Comments
Nelson Rodrigues
Cisco Employee
‎02-01-2010 08:41 AM
edited on: ‎02-01-2010 ‎08:41 AM

The attached document .pdf describes the configuration details for deploying Clientless SSL VPN ACLs via Dynamic Access Policies (DAPs). Multiple ACLs will be aggregated for VPN policy enforment. The same concept can be applied for Network (Layer 3) ACLs to be enforced on AnyConnect SSL/IKEv2 VPN,  and IPsec IKEv1 (legacy) clients,

This information is also explained in the DAP Deployment Guide,

Related Information

0 Helpful
Comments
jimsiff
Beginner
Beginner
‎03-29-2010 12:02 AM
‎03-29-2010 12:02 AM

That's a great walkthrough, but I find the WebVPN interface looks cleaner to those with less privileges if you create separate bookmark lists to go along with the separate policies.  So there would be an "Everyone" bookmark list, and a "Payroll" bookmark list.  Only the Payroll DAP applies the Payroll bookmark list.  The consequence of this configuration tweak is that less privileged users don't see a "greyed out" bookmark that they can't access, and consequently don't know what they're missing.

Latest Contents
AMP Exclusion and Application Whitelisting
Created by balakrishnanbipin1 on 05-06-2021 12:08 AM
0
5
0
5
Hello AMP Team, Trying to understand the difference between AMP Exclusion and Application Whitelist.  When we would add an application/path or other
ISE REST API - AuthZ Profile modification
Created by mstefanka on 05-06-2021 12:01 AM
0
0
0
0
Hello, I am using API (xml/json) to change parameters of authorization profile in ISE. All good (VLAN, dACL,...), except attribute "RADIUS_ACCEPT" or "RADIUS_REJECT". This object doesn't change, even it is in documentation as supported value.ISE 2.7 Patch... view more
Create an Internal User with cURL and JSON on windows comman...
Created by Richie20 on 05-05-2021 11:20 PM
0
0
0
0
Hi Everyone I am trying to Create an Internal User with cURL and JSON on window command prompt  for cisco ISE. prompt  but I am  getting  these errors over again . can anyone help me outthis is curl commandcurl --insecure --i... view more
AAA_DOT1X radius DEAD
Created by getaway51 on 05-05-2021 06:57 PM
0
0
0
0
hI, It seems the Radius DEAD and ALIVE logs were occuring every few minutes. User complains it affect their access. However I thought when AAA down, all hosts will be AZ (authorised)? It seems AAA servers intermittent reachability frm the switch affe... view more
Firepower 2110 PPPOE
Created by sxzhang23300 on 05-05-2021 06:48 PM
5
0
5
0
Firepower 2110 only has interface type static and dhcp.I cannot see pppoe option in WAN interface.I use FDM for management. 
Content for Community-Ad