I'm not finding a good answer to my question...
I'm curious about DAP policies. I have several connection profiles/group policies. I'd like to configure DAP policies that apply only to certain group policies, and not every group policy - for example, internal users would have different DAP policy than external.
I'm not having good luck finding an answer to whether or not that's possible and if so, how to make it happen.
Mind you, I'm not well versed on ASDM.
Well here's what I have and what I want to do:
Internal and external users, internal obviously in AD, external are not. We authenticate using radius (RSA). All VPNs terminate on the same ASA pair.
In AnyConnect I have several connection profiles matched with group policies. What I'd like to do is leverage DAP to say "if you're an internal user, you connect using connection profile/GP A or B, if you're an external user, C or D. If you connect to either A or B your PC must belong in the AD domain, otherwise drop. If you connect to C or D, doesn't matter, those are for external users."