cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
311
Views
0
Helpful
1
Replies
fri Beginner
Beginner

Restrict local user to access Asdm & anyconnect

Hi All,

 

I have create 2 user as below:

 

user: admin (able access asdm,ssh but not able to anyconnect).

user: vpnuser1 (able to use anyconnect but not able access asdm and ssh)

 

My problem is i able to restrict vpnuser1 only access anyconnect vpn, but when i use user admin its able to access anyconnect login, how we can restrict admin use for anyconnect login?

 

Please advise, 

 

My configuration as below:

dynamic-access-policy-record DfltAccessPolicy
username vpnuser1 password ***** pbkdf2 privilege 0
username vpnuser1 attributes
service-type remote-access
username admin password ***** pbkdf2 privilege 15

 

aaa authentication ssh console LOCAL
aaa authorization exec LOCAL

 

 

1 REPLY 1
Highlighted
VIP Advisor

Re: Restrict local user to access Asdm & anyconnect

admin user always have higher level access. suggest to not to change any policies for the admin user (since this is super user for ASA)

 

instead you can make close admin user for different purpose.

 

BB
*** Rate All Helpful Responses ***