Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
676
Views
0
Helpful
3
Replies

restrict SSL client?

donlon
Level 1
Level 1

‎10-11-2005 07:45 PM

Does anyone know if it is possible to allow different access to groups that connect via the SSL VPN clients.

If I understand the Concentrators documentation correctly, all SSL thick client and webVPN users fall under the Base group, there's no method to apply differentiated access to separate groups or individuals such as there is when using IPSEC.

If that is true then I would say that's a significant limitation of Cisco's current SSL VPN implementation.

Labels:
0 Helpful
3 Replies 3

umedryk
Level 5
Level 5

‎10-17-2005 06:16 AM

You cannot differentiate between groups as they all fall under basegroup.

0 Helpful

kdemian
Level 1
Level 1
In response to umedryk

‎02-07-2006 08:49 AM

Its posible,

use RADIUS server and atribute 25

ou=groupname

You must create group on VPN3000 and configure RADIUS

to match this group.

0 Helpful

Rutger Blom
Level 1
Level 1
In response to kdemian

‎02-08-2006 01:05 PM

Yes but this is after initial RADIUS authentication which is defined att the global system level.

I have a problem having one SSL group only accessing webservers. In this group it is sufficient with username/password authencation. Then we have a SSL group for technicians that have all kind of TCP/IP access to the network. I want to authenticate these users with another RADIUS server that has build in OTP support. As far as I know this is impossible.

Rutger

0 Helpful
Customers Also Viewed These Support Documents