cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
267
Views
0
Helpful
1
Replies

limit users to remote VPN

reachonenetadm
Level 1
Level 1

How can I limit users to certain VPN tunnel-groups? For example, I want to use some users only for SSH admin access and others only from remote VPN and they shouldn't be permitted to log in via SSH. PIX 515, 7.2(3), ASDM 5.2, Cisco VPN Client 4.8

TIA

Chris

1 Reply 1

rico_hao40
Level 1
Level 1

I use ACS to manage vpn user profile.

The authentication flow is:

UserLogin->ASA->ACS->AD

On ACS you can creat ACL for special user or user-group, when the user authen to ACS, it will auto download the ACL to ASA. it is very flexible.

You can search "VPN ACS" to find an example.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: