Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
291
Views
5
Helpful
2
Replies

facing challenge to integrate AD Security Group in ASA

hashimwajid1
Level 3
Level 3

‎04-09-2018 01:59 PM - edited ‎03-19-2019 01:15 PM

Hi 

 

we integrated Active Directory with ASA for Anyconnect VPN  Authentication. in AD we have created 2 x Security Group ( both security groups are part of the same OU ).  

 

on ASA we created 2 different VPN group and want to integrate each vpn group with separate Security Group in AD.

 

here we are facing challenge

 

we used Dynamic Access Policy to restrict users. in DAP we called both Security Groups. 

 

 now any user which is not part part of the these 2 security Group will not authenticate ( this is ok )

 

Issue

users in both security groups can use both vpn group ( we want to restrict one VPN group with one Security group in AD which is somehow not working and security group users can access both VPN group )

 

is there any way that we can restrict each AD security group with VPN group policy/ tunnel group so users in one security group should not authenticate for other vpn group 

 

Thanks  

0 Helpful
2 Replies 2

Jaime Valencia
Cisco Employee
Cisco Employee

‎04-09-2018 02:18 PM

You're posting this in the Unified Communications Applications forum, might want to move this to the security/VPN area.

HTH

java

if this helps, please rate

hashimwajid1
Level 3
Level 3
In response to Jaime Valencia

‎04-09-2018 02:26 PM

Hi jamie

 

my mistake, how can i move this post to security/VPN ?

 

thanks

0 Helpful
Customers Also Viewed These Support Documents