Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
Bookmark
|
Subscribe
|
1932
Views
0
Helpful
4
Replies

User based portal on Cisco ASA (SSL VPN)?

Go to solution
alig.norbert
Level 4
Level 4

‎04-20-2011 08:25 AM

Hi all,

I am looking for a solution, that different portals (WEBVPN) can be assigned to different users.

E.g. :

- user "test1" logs in and see the "portal-1"

- user "test2", "test3" log in and see the "portal-2"

I know, it can be done with the alias entry for each portal, but I want a transparent solution for the user (Like Juniper SA2000).
Furthermore it should be possible to authenticate through RADIUS (no local authentication on the ASA).

Who has done such a set up?

Thanks,

Norbert

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
andamani
Cisco Employee
Cisco Employee
In response to alig.norbert

‎04-21-2011 06:59 AM

Hi,

The attribute 25 (It's called "Class") and assign it the  value of ou=MyVPNGroupPolicy   where MyVPNGroupPolicy is the  name of your group policy in the ASA.

Hope this helps.

Regards,

Anisha

P.S.: please mark this thread as answered if you feel your query is resolved. Do rate helpful posts.

View solution in original post

0 Helpful
4 Replies 4

Go to solution
Yudong Wu
Level 7
Level 7

‎04-20-2011 03:21 PM

I think you can use the group policy.

For example,

You can create two different group policy and customize the portal for each respectively.

Then when user1 login, Radius can reture the attribute to let ASA know when group user1 is belong to and correspond web portal will be launched accordingly. user2 and use3 will be mapped to the other group based on their radius attribute and the related web portal will be launched.

Not sure if this is what you are looking for.

0 Helpful

Go to solution
alig.norbert
Level 4
Level 4
In response to Yudong Wu

‎04-20-2011 10:52 PM

Hi,

that's what I'm looking for, BUT which attribute must be set on the RADIUS to let the ASA know that this particular user belongs to the particular

group (VPN-Group)?

Thanks,

Norbert

0 Helpful

Go to solution
andamani
Cisco Employee
Cisco Employee
In response to alig.norbert

‎04-21-2011 06:59 AM

Hi,

The attribute 25 (It's called "Class") and assign it the  value of ou=MyVPNGroupPolicy   where MyVPNGroupPolicy is the  name of your group policy in the ASA.

Hope this helps.

Regards,

Anisha

P.S.: please mark this thread as answered if you feel your query is resolved. Do rate helpful posts.

0 Helpful

Go to solution
alig.norbert
Level 4
Level 4
In response to andamani

‎04-21-2011 07:54 AM

Great,

That was what I was looking for.

Thanks,

Norbert

0 Helpful
Top