Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
356
Views
0
Helpful
1
Replies

VPN groups based on RADIUS/LDAP attribute?

johnsmunoz
Level 1
Level 1

‎03-06-2017 02:36 PM

Is it possible to assign users to different VPN groups depending on permissions defined in their RADIUS or LDAP login?  I'd really rather not have to give each user different group's and PSK's for their different vpn group rights.  These change frequently and it would be a pain to manage.  It would be easier if we could just base their vpn privileges based on their membership.  

Labels:
0 Helpful
1 Reply 1

JP Miranda Z
Cisco Employee
Cisco Employee

‎03-06-2017 04:52 PM

Hi johnsmunoz,

You can definitely configure Radius or LDAP mapping this guides should help you understand and configure this features:

LDAP mapping:

http://www.cisco.com/c/en/us/support/docs/security/asa-5500-x-series-next-generation-firewalls/91831-mappingsvctovpn.html

Radius mapping:

http://www.cisco.com/c/en/us/support/docs/security/asa-5500-x-series-next-generation-firewalls/117641-config-asa-00.html#anc6

Hope this info helps!!

Rate if helps you!! 

-JP-

0 Helpful
Customers Also Viewed These Support Documents