Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1301
Views
0
Helpful
1
Replies

How to lock local ASA user to AnyConnect VPN connection profile?

Charles Rayer
Level 1
Level 1

‎04-09-2013 01:32 AM

Hi All,

I'm setting up VPNs for third party businesses that our business uses, and want to lock them to only being able to reach their devices.

I can do this using an ACL in a group policy on our ASA 5510s

We use AnyConnect VPN, with primary authentication by our AD and secondary by local ASA users.

Group policy is tied to connection profiles. However I don't seem to be able to lock a local ASA user to a connection profile. So there's nothing to stop them using a different connection profile and having more access than they should have.

How can I lock an ASA local user to a connection profile? And why isn't this a simple Cisco feature?

Labels:
0 Helpful
1 Reply 1

Charles Rayer
Level 1
Level 1

‎04-09-2013 02:15 AM

Hey, just cracked it by using Dynamic Access Policies linking to Username2 and applying the ACL.

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents