I am running asa804-k8.bin on ASA 5520.
License is: VPN Plus
We use VPN with cisco VPN-client.
for user authentication i am using tacacs server.
for example:
vpn 1:
ASA:
VPN Group :Group_A
PSK :Very_Secret_A
Authentication server group: Group_A
Server: Tacacs
Tacacs:
group of users: Group_A
User: user1
Password: Password2
vpn 2:
ASA:
VPN Group : Group_B
PSK : Very_Secret_B
Authentication server group: Group_B
Server: Tacacs
Tacacs:
group of users: Group_B
User: user2
Password: Password2
----------------------------------------------------
Problem is: if User1 know the PSK of Group2, he can successfully use VPN2. Same for user1.
Is there any option to disable user1 for Grpou_B???