Hi,
I'm trying to configure RADIUS to authenticate users and tell ASA which Tunnle Group they should use.
The RADIUS server is an ACS 4.0 with connection to an external database which is MS Active Directory.
The authentication works but I'm having trouble in determining which is the RADIUS VSA I should use to send the Tunnel Group info to the ASA.
At this momento I'm using RADIUS (Cisco VPN 3000/ASA/PIX 7.x+) and the avpair [026/3076/085] Tunnel-Group-Lock. Here, I'm specifuing the corresponding Tunnel Group.
The ASA seems to ignore this av because the user is always put in DefaultWebVPNGroup Tunnel Group.
Any idea?
Thanks in advance
Paulo Vasconcelos