ASA and RSA SecurID

Answered Question
Nov 28th, 2008

Hello,

I have a question about Cisco AnyConnect and RSA SecurID.

I need to define users to groups in the RSA SecurID server.

When I try to build a tunnel group and profile and then authenticate to RSA server I just see the username.

AAA user authentication Successful : server = 10.210.x.x : user = test

I need the tunnel group name(for authorization) with username to be sent to the RSA server.

AAA user authentication Successful : server = 10.210.x.x : group= tunnel : user = test

Is there any good documents about this?

I have this problem too.
0 votes
Correct Answer by bwilmoth about 7 years 12 months ago

You can create group mappings for some external user databases based on the combination of external user database groups to which users belong. The following database types are the external user database types for which you can create group mappings based on group set membership:

Windows domains.

Generic Lightweight Directory Access Protocol (LDAP).

The following URL may help you in configuring group mapping:

http://www.cisco.com/en/US/docs/net_mgmt/cisco_secure_access_control_server_for_solution_engine/4.0/user/guide/qg.html#wp940457

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
Correct Answer
bwilmoth Thu, 12/04/2008 - 07:07

You can create group mappings for some external user databases based on the combination of external user database groups to which users belong. The following database types are the external user database types for which you can create group mappings based on group set membership:

Windows domains.

Generic Lightweight Directory Access Protocol (LDAP).

The following URL may help you in configuring group mapping:

http://www.cisco.com/en/US/docs/net_mgmt/cisco_secure_access_control_server_for_solution_engine/4.0/user/guide/qg.html#wp940457

Actions

This Discussion