Hi Roberto,
For this you could use a "certificate-map", as following:
tunnel-group Financials type remote-access
tunnel-group IT type remote-access
!
crypto ca certificate map AnyConnect_Map 10
subject-name co ou = financials
!
crypto ca certificate map AnyConnect_Map 20
subject-name co ou = it
!
webvpn
enable outside
certificate-group-map AnyConnect_Map 10 Financials
certificate-group-map AnyConnect_Map 20 IT
!
So in this case, I am looking at the OU attribute of each certificate.
Let me know if you have any questions.
Thanks.
Portu.
Please rate any helpful posts.