02-15-2021 11:24 AM
Hello,
I've a case where the SSL VPN Firewall needs to be integrated with the AD, based on AD the access should be controlled. The only way that comes into my mind is to configure different group policies and different IP pools for different departments, then apply a VPN filter on each group policy to control what that IP pool can access and what not.
Any other suggestions / best practices?
Thanks,
Solved! Go to Solution.
02-15-2021 11:31 AM
Yes, that'll work fine.
If you used ISE/RADIUS, you could dynamically assign the IP Pool or DHCP scope based on AD group membership, without using multiple group policies. You could also apply a Downloadable ACL (DACL) instead of VPN Filter. Alternatively you could deploy trustsec for segmentation.
HTH
02-15-2021 11:31 AM
Yes, that'll work fine.
If you used ISE/RADIUS, you could dynamically assign the IP Pool or DHCP scope based on AD group membership, without using multiple group policies. You could also apply a Downloadable ACL (DACL) instead of VPN Filter. Alternatively you could deploy trustsec for segmentation.
HTH
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide