I've some questions about possibilities of the Cisco ASA.
I'm working in a large organization and I need to implement a IPSec VPN Solutions.
Our organization works with a few other large organization and users of the other organizations
must have acces to our VPN solutions. For authentication we thought about placing a RADIUS Server
that forwards the user credentials to our LDAP server, or to RADIUS server of the other organizations.
Thereby we are thinking by placing @organization so that the RADIUS server knows to which
authentication server forward the request.
Configuring this is not a problem but we would like that the RADIUS (no ACS)server sends back to the
ASA which organization (group) the user belongs to so that we can configure groups on the ASA.
So that the users get a specific IP adres that belongs to that group.
So my questions is understand the ASA sending back a group from the radius server so that we
can localy configure groups with there policies?
Or can anyone give me a other advise?