Why VPN authenticates a local user

Unanswered Question
May 1st, 2007


i am using the similar config in my Cisco ASA listed below in the website of the config. in that user marty is a local user name for authenticating the ASA via SSH from LAN, but user marty is also able to login VPN, how do i avoid that MARTY user to deny VPN acces?

my requirement, i should specify a vpn group name eg. anand, & anand only should be allowed for VPN, but he should not be allowed for SSH, vice versa for marty also the same.


I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
haroon.shaikh Wed, 05/02/2007 - 17:00

You can configure privilege level of the VPN user to as low as possible so even if he logs into ASA using SSH, he cant do much.

Not sure, about the other way around.

* Please rate if it helps


This Discussion