SSL VPN assign custom portal to group of users.

CLIFFORD BECKER · ‎08-19-2009

With the SSL VPN on the ASA is it possible to assign a custom portal removing links or preventing access to things such as vnc, rdp, telent.

I have been able to assign bookmarks according to group. I don't want to allow some users access to items not required by for there job.

Todd Pula · ‎08-19-2009

You can achieve this using a customization object. There are too many portal features to list that can be enabled/disabled. You will then associate the customization object to the group policy servicing the users in question. Via ASDM, go to Configuration->Remote Access VPN->Clientless SSL VPN Access->Portal->Customization. From there you can view the default template or build your own.

CLIFFORD BECKER · ‎08-19-2009

Thanks for your response.

I have made a custom portal for each group of users. I guess my question needed to be how do I ensure that group1 gets custom portal1 and group2 gets custom portal2? I just want group1 to have the bare minimum and not be distracted by all the extras.

Todd Pula · ‎08-20-2009

You will need to configure a separate connection profile and group policy for each group of users. The customization object you created will then be associated with the respective group policy. You will then configure a means for the user to identify what connection profile they want to connect to. This can be achieved using an alias and connection profile selection via drop down or via group URLs. You can add additional security using group locking to ensure that users can only access the connection profile that they are authorized to connect to.