cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
545
Views
0
Helpful
3
Replies

Different vpn user with different portal using same logon page

y.lo
Level 1
Level 1

We are going to enable VPN access on ASA5585X. We would like to have the same web login page for all users.

By authenticating the user against an ISE, which forwards the authentication request to Active directory servers, a specific web portal page is presented to different groups of user. Can it be accomplished on the ASA using dynamic access policies? Or any other workaround?

Thanks a lot.

3 Replies 3

Julio Carvajal
VIP Alumni
VIP Alumni

Hello Daniel,

So you want to show the login page for any user even if they belong to different tunnel-groups?

Is that what you are asking?

I think that you could use group-locks and then with that you will bypass any drop-down list and just make sure the banners, etc information is the same for all of them!.

Not sure if that was what you were asking...

For more information about Core and Security Networking follow my website at http://laguiadelnetworking.com

Any question contact me at jcarvaja@laguiadelnetworking.com

Cheers,

Julio Carvajal Segura

Julio Carvajal
Senior Network Security and Core Specialist
CCIE #42930, 2xCCNP, JNCIP-SEC

Yes I want all users to see the same login page even if they belong to different tunnel-groups.

After logging in they would only see resources that they are allowed to access.

The user accounts are all in the Active directory. Can I still use group locks?

Hello Daniel,

Yes, U should.

Here is one discussion about group-locks via ACS (I know you are using ISE). You can see at least the logic behind it and the attribute values being mapped

https://supportforums.cisco.com/thread/2063181

For more information about Core and Security Networking follow my website at http://laguiadelnetworking.com

Any question contact me at jcarvaja@laguiadelnetworking.com

Cheers,

Julio Carvajal Segura

Julio Carvajal
Senior Network Security and Core Specialist
CCIE #42930, 2xCCNP, JNCIP-SEC