limit users to remote VPN

Unanswered Question
Feb 19th, 2008

How can I limit users to certain VPN tunnel-groups? For example, I want to use some users only for SSH admin access and others only from remote VPN and they shouldn't be permitted to log in via SSH. PIX 515, 7.2(3), ASDM 5.2, Cisco VPN Client 4.8

TIA

Chris

rico_hao40 Wed, 02/27/2008 - 13:01

I use ACS to manage VPN user profiles.

The authentication flow is:

UserLogin->ASA->ACS->AD

On ACS you can create an ACL for a special user or user group; when the user authenticates to ACS, it will automatically download the ACL to the ASA. It is very flexible.

You can search "VPN ACS" to find an example.
