cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
835
Views
0
Helpful
1
Replies

Restrict local user to access Asdm & anyconnect

fri
Level 1
Level 1

Hi All,

 

I have create 2 user as below:

 

user: admin (able access asdm,ssh but not able to anyconnect).

user: vpnuser1 (able to use anyconnect but not able access asdm and ssh)

 

My problem is i able to restrict vpnuser1 only access anyconnect vpn, but when i use user admin its able to access anyconnect login, how we can restrict admin use for anyconnect login?

 

Please advise, 

 

My configuration as below:

dynamic-access-policy-record DfltAccessPolicy
username vpnuser1 password ***** pbkdf2 privilege 0
username vpnuser1 attributes
service-type remote-access
username admin password ***** pbkdf2 privilege 15

 

aaa authentication ssh console LOCAL
aaa authorization exec LOCAL

 

 

1 Reply 1

balaji.bandi
Hall of Fame
Hall of Fame

admin user always have higher level access. suggest to not to change any policies for the admin user (since this is super user for ASA)

 

instead you can make close admin user for different purpose.

 

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: