johnsmunoz
Beginner

ASA5520 Restrict Users based on LDAP/AD group to certain ACLs or IP Pool?

I'd like to be able to give different users access to different subnets either by an ACL or by putting them into particular address pools based on their LDAP membership. Is this possible? Most of the documentation I've been able to find is just to give access or deny access to the VPN itself.

1 REPLY 1
Collin Clark
Advisor

Yeah, that's not a problem. Easiest way (IMO) is to map LDAP group to ASA Group Policy.

http://www.cisco.com/c/en/us/support/docs/security/asa-5500-x-series-next-generation-firewalls/91831-mappingsvctovpn.html
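
A sketch of the mapping described in the reply, added here as an illustration; it is not taken from the post or from the linked Cisco document. All object names, DNs, addresses and subnets (AD-GROUP-MAP, GP-ENGINEERING, NOACCESS, RA-VPN, 192.0.2.10, the 10.x ranges) are constructed placeholders, and older ASA releases use `IETF-Radius-Class` in place of `Group-Policy` as the mapped attribute.

```text
! Map the AD memberOf attribute to an ASA group policy name
ldap attribute-map AD-GROUP-MAP
 map-name memberOf Group-Policy
 map-value memberOf "CN=VPN-Engineering,OU=Groups,DC=example,DC=com" GP-ENGINEERING

! LDAP server definition that applies the attribute map
aaa-server LDAP-AD protocol ldap
aaa-server LDAP-AD (inside) host 192.0.2.10
 server-type microsoft
 ldap-base-dn DC=example,DC=com
 ldap-scope subtree
 ldap-naming-attribute sAMAccountName
 ldap-login-dn CN=asa-bind,OU=Service,DC=example,DC=com
 ldap-login-password <bind-password-placeholder>
 ldap-attribute-map AD-GROUP-MAP

! Per-group address pool and filter ACL (VPN client pool is the source)
ip local pool ENG-POOL 10.99.1.1-10.99.1.254 mask 255.255.255.0
access-list ENG-FILTER extended permit ip 10.99.1.0 255.255.255.0 10.10.10.0 255.255.255.0

group-policy GP-ENGINEERING internal
group-policy GP-ENGINEERING attributes
 vpn-filter value ENG-FILTER
 address-pools value ENG-POOL

! Users whose groups match no map-value fall through to this policy and are refused
group-policy NOACCESS internal
group-policy NOACCESS attributes
 vpn-simultaneous-logins 0

tunnel-group RA-VPN general-attributes
 authentication-server-group LDAP-AD
 default-group-policy NOACCESS
```

Repeat the `map-value`, pool, ACL and group-policy stanzas for each additional AD group that needs its own subnet access.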
