04-09-2018 01:59 PM - edited 03-19-2019 01:15 PM
Hi
we integrated Active Directory with ASA for Anyconnect VPN Authentication. in AD we have created 2 x Security Group ( both security groups are part of the same OU ).
on ASA we created 2 different VPN group and want to integrate each vpn group with separate Security Group in AD.
here we are facing challenge
we used Dynamic Access Policy to restrict users. in DAP we called both Security Groups.
now any user which is not part part of the these 2 security Group will not authenticate ( this is ok )
Issue
users in both security groups can use both vpn group ( we want to restrict one VPN group with one Security group in AD which is somehow not working and security group users can access both VPN group )
is there any way that we can restrict each AD security group with VPN group policy/ tunnel group so users in one security group should not authenticate for other vpn group
Thanks
04-09-2018 02:18 PM
You're posting this in the Unified Communications Applications forum, might want to move this to the security/VPN area.
04-09-2018 02:26 PM
Hi jamie
my mistake, how can i move this post to security/VPN ?
thanks
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide