ASA 5510 VPN user groups w/ privileges?

Unanswered Question
Feb 23rd, 2008

Hi there.

I have a customer who just installed a 5510. He has a few users that he wants to limit by application (protocol). For example, user 1 can telnet, vnc and ssh to anywhere on the internal network once vpn'd in, user 2 can only vnc, user 3 can only telnet etc.

Is this possible?

thank you

Bob

Harald-Norvik Sun, 02/24/2008 - 17:46

Yes, you can do this with group policies (multiple users) or individual users. Check out this document; I found it very useful for understanding the possibilities with the client VPNs on the ASA.

http://www.cisco.com/en/US/docs/security/asa/asa72/vpn3000_upgrade/upgrade/guide/migrate.html

You would use access lists to filter what each user group or user is allowed to do.

Harald.
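
A configuration sketch of the approach described in the reply above, added as an illustration and not taken from either post or from the linked Cisco document. The address ranges, ACL names, the `VNC-ONLY` group policy and `user4` are constructed assumptions, the users are assumed to be local accounts that already exist on the ASA, and VNC is assumed to listen on its default TCP port 5900.

```cisco
! Constructed addressing (assumption): VPN client pool 10.10.10.0/24,
! internal network 192.168.1.0/24.
! In a vpn-filter ACL the VPN client side is always written as the source
! and the protected network as the destination, for both directions.

! user1: telnet, ssh and VNC to the internal network
access-list VPN-USER1 extended permit tcp 10.10.10.0 255.255.255.0 192.168.1.0 255.255.255.0 eq telnet
access-list VPN-USER1 extended permit tcp 10.10.10.0 255.255.255.0 192.168.1.0 255.255.255.0 eq ssh
access-list VPN-USER1 extended permit tcp 10.10.10.0 255.255.255.0 192.168.1.0 255.255.255.0 eq 5900

! user2: VNC only
access-list VPN-USER2 extended permit tcp 10.10.10.0 255.255.255.0 192.168.1.0 255.255.255.0 eq 5900

! user3: telnet only
access-list VPN-USER3 extended permit tcp 10.10.10.0 255.255.255.0 192.168.1.0 255.255.255.0 eq telnet

! Everything not permitted above is dropped by the implicit deny at the
! end of each ACL. Because the filter is applied in both directions, each
! permit line also matches traffic an internal host sends from that
! service port back toward the client pool.

! Per-user filters
username user1 attributes
 vpn-filter value VPN-USER1
username user2 attributes
 vpn-filter value VPN-USER2
username user3 attributes
 vpn-filter value VPN-USER3

! Same restriction for several users: attach the ACL to a group policy
! and assign users to it (VNC-ONLY and user4 are hypothetical names).
group-policy VNC-ONLY internal
group-policy VNC-ONLY attributes
 vpn-filter value VPN-USER2
username user4 attributes
 vpn-group-policy VNC-ONLY
```

Keep these ACLs dedicated to VPN filtering rather than reusing them in an interface `access-group`, since the source and destination convention differs.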
