07-20-2008 11:31 PM - edited 02-21-2020 02:56 AM
Hello,
how many group-policy can I configure on PIx 515E with release 7.x?
Thanks in advance
B.
07-21-2008 12:48 AM
What are you warried about?
07-22-2008 08:01 AM
The number of group-policy is important for me because I've many vpn-client sessions that refer to only one vpn-group.
By radius I authenticate the user and I send to pix the name of group policy that contains the specific address-pool and the split-tunneling acl.
In this way I can associate per-user the address-pool and the split-acl.
The best way would be to have only one group-policy and to send by radius the name of addrress pool and the name of split acl but the pix seems no support these parameters.
Thanks B
07-22-2008 09:48 AM
But why do you want to assign different IP Pools for 'each user'?
Regards
Farrukh
07-23-2008 12:53 AM
I must assign a different pool address because in the second level firewall connected to the pix I have only IP address to identify the users
07-23-2008 11:35 AM
Well then you can use a DHCP server also (instead of AAA).
Regards
Farrukh
07-24-2008 12:17 AM
I haven't a dhcp server and I wouldn't to set the pix as dhcp .
07-21-2008 06:11 AM
Well it should be at least as much as the 'No of VPN Tunnels' supported on the box.
Regards
Farrukh
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide