02-09-2021 08:22 AM
Hello,
I am writing a Dynamic Access Policy on a Cisco ASA for a Remote Access VPN Connection. We are using Cisco AnyConnect and our connection profile uses SAML. The Dynamic access policy Checks for SAML and checks for membership in a LDAP group.
My question, how do you write the AnyConnect Custom Attribute to select either a group policy or address pool based on the ldap group membership. I am having a hard time finding information on this.
Thanks
Solved! Go to Solution.
02-09-2021 09:11 AM
Hi,
You could use LDAP Attribute mapping to associate user from a specific LDAP group to group-policy on an ASA.
For more examples:
Thank you,
Dinesh Moudgil
P.S. Please rate helpful posts.
02-09-2021 09:08 AM
02-09-2021 09:11 AM
Hi,
You could use LDAP Attribute mapping to associate user from a specific LDAP group to group-policy on an ASA.
For more examples:
Thank you,
Dinesh Moudgil
P.S. Please rate helpful posts.
02-13-2021 09:36 AM
Thanks! Worked Great!
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: