cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

Cisco Community Designated VIP Class of 2020

125
Views
0
Helpful
2
Replies

DAP policies

I'm not finding a good answer to my question...

I'm curious about DAP policies. I have several connection profiles/group policies. I'd like to configure DAP policies that apply only to certain group policies, and not every group policy - for example, internal users would have different DAP policy than external.

I'm not having good luck finding an answer to whether or not that's possible and if so, how to make it happen.

Mind you, I'm not well versed on ASDM. 

Everyone's tags (2)
2 REPLIES 2
Advisor

Yes, that is possible.  You

Yes, that is possible.  You can match on lots and lots of different parameters.

Well here's what I have and

Well here's what I have and what I want to do:

Internal and external users, internal obviously in AD, external are not. We authenticate using radius (RSA). All VPNs terminate on the same ASA pair.

In AnyConnect I have several connection profiles matched with group policies. What I'd like to do is leverage DAP to say "if you're an internal user, you connect using connection profile/GP A or B, if you're an external user, C or D. If you connect to either A or B your PC must belong in the AD domain, otherwise drop. If you connect to C or D, doesn't matter, those are for external users."

CreatePlease to create content
Content for Community-Ad
FusionCharts will render here