Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
399
Views
0
Helpful
0
Replies

anyconnect vpn filter and DAP issue

Netplace Support
Level 1
Level 1

‎10-01-2019 11:25 PM

Hi All,

 

Setup an anyconnect vpn which works properly. i.e users get authenticated via AD Server and then vpn connection establish. Now i want to achieve granular access on group-policy base.

 

Example : created two group-policy name noaccess and vpnusers. Basically i want my users connecting to noaccess Group-policy can access 192.168.240.159 and users connecting to vpnusers group-policy can access 192.168.240.17.

 

So for same i have created vpn-filter and assign it to respective group. But now i have achieve granularity on group-policy base access but user are not able to access internet, Same when i remove this vpn-filter internet is accessible to users.

 

Any idea how to tackle this issue. 

 

Also observed one weird thing is if i checkmark "Terminate" in DAP DefaultAccesspolicy then my users wont able to connect to anyconnect vpn giving error "you environment does not meet the access criteria defined by yout

 

Attaching vpn filter configuration and DAP if its helps.

Labels:
Preview file
155 KB
0 Helpful
0 Replies 0
Customers Also Viewed These Support Documents