07-26-2024 04:38 AM
We have DAP based on Cisco Username to allow different access but if users put a suffix they are still authenticated BUT the DAP is not matches anymore.
example:
user1
user1@domain.com
Any Ideas on how to do a regex on Usernames?????
07-29-2024 06:49 AM
In the very past there was a "group-delimeter" and "strip-group" ASA CLI which was used for Cisco IPSec Client to strip suffix before passing the username to AAA. Not sure if this works for AnyConnect.
For DAP you can achieve everything you want with Lua: http://www.lua.org/docs.html
07-29-2024 09:17 AM
can you show your dap policy ? are you matching on username or username@domain.com ?
07-29-2024 12:01 PM - edited 07-29-2024 12:02 PM
You add two username in one DAP?
Can you share
Debug dap trace 255
MHM
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide