Hi,
As per your description you wish that each group of users should get different level of network access.
>>As per the description, i see that you are using a separate tunnel-group for each group.
>>Each tunnel-group has a different group-url which...
Hi Adam,
Please refer the below two links, they are for IKEv2 configuration.
The first link guides how to configure the Dynamic Crypto Map section(need to do on the device which will have a static public ip):
http://www.cisco.com/c/en/us/support/d...
Hi NH,
I see that you wish to do two factor authentication for the clients connecting to your Headend using AAA + Certificates.
I also see that you are looking to get the certificate signed from Thawte.
>>In two factor authentication in your scenari...
Hi,
What type of VPN are you trying to set up on the router i.e SSLVPN or IPsec.
What VPN application are the users using to connect to the router ?
Please share the tech support file from the router.
Regards,
Mrutunjay Sethi
Hi,
Going through your query as i understand you wish that user belonging to OU=Mail should only be able to connect to the VPN but no other user should be able to connect to the VPN.
You can achieve this in two ways.
Way1:
>>Change the "ldap-base-d...