
Remote Access VPN ASA - User policy based

blackswans
Level 1

Hi,

Is there a way to make policies based on Active Directory users (groups)? There will be only one remote access VPN configuration in the ASA and we will use Microsoft AD users (RADIUS). When the users connect with the VPN client, they will get different access. An admin can have full access everywhere, and a simple user can access only the intranet web server. Can we do that? There shouldn't be different remote access VPN configurations in the ASA.

Thanks.

1 Reply

Rudy Sanjoko
Level 4

I think you can use AAA to differentiate the role per user; I'm not sure whether you can group them together using an object group or you have to manually add the policy for each user.

You will need to add some lines to your config for this to happen; refer to the following link for documentation on configuring AAA on ASA 8.4 or later.

http://www.cisco.com/en/US/docs/security/asa/asa84/configuration/guide/access_aaa.html#wp1167529

HTH