Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Create a new article
6865
Views
0
Helpful
1
Comments

Dynamic Access Policy (DAP) ACL Aggregation Use Case for SSL VPN

Nelson Rodrigues
Cisco Employee
Cisco Employee

on ‎02-01-2010 08:41 AM

The attached document .pdf describes the configuration details for deploying Clientless SSL VPN ACLs via Dynamic Access Policies (DAPs). Multiple ACLs will be aggregated for VPN policy enforment. The same concept can be applied for Network (Layer 3) ACLs to be enforced on AnyConnect SSL/IKEv2 VPN,  and IPsec IKEv1 (legacy) clients,

This information is also explained in the DAP Deployment Guide,

Related Information

Labels:
Preview file
334 KB
0 Helpful
Comments
jimsiff
Level 1
Level 1
‎03-29-2010 12:02 AM

That's a great walkthrough, but I find the WebVPN interface looks cleaner to those with less privileges if you create separate bookmark lists to go along with the separate policies.  So there would be an "Everyone" bookmark list, and a "Payroll" bookmark list.  Only the Payroll DAP applies the Payroll bookmark list.  The consequence of this configuration tweak is that less privileged users don't see a "greyed out" bookmark that they can't access, and consequently don't know what they're missing.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents