cancel
Showing results for 
Search instead for 
Did you mean: 
cancel

Dynamic Access Policy (DAP) ACL Aggregation Use Case for SSL VPN

5841
Views
0
Helpful
1
Comments

The attached document .pdf describes the configuration details for deploying Clientless SSL VPN ACLs via Dynamic Access Policies (DAPs). Multiple ACLs will be aggregated for VPN policy enforment. The same concept can be applied for Network (Layer 3) ACLs to be enforced on AnyConnect SSL/IKEv2 VPN,  and IPsec IKEv1 (legacy) clients,

This information is also explained in the DAP Deployment Guide,

Related Information

Comments
Beginner

That's a great walkthrough, but I find the WebVPN interface looks cleaner to those with less privileges if you create separate bookmark lists to go along with the separate policies.  So there would be an "Everyone" bookmark list, and a "Payroll" bookmark list.  Only the Payroll DAP applies the Payroll bookmark list.  The consequence of this configuration tweak is that less privileged users don't see a "greyed out" bookmark that they can't access, and consequently don't know what they're missing.

Content for Community-Ad