ASA and RSA SecurID

Answered Question
Nov 28th, 2008
User Badges:

Hello,


I have a question about Cisco AnyConnect and RSA SecurID.


I need to define users to groups in the RSA SecurID server.

When I try to build a tunnel group and profile and then authenticate to RSA server I just see the username.

AAA user authentication Successful : server = 10.210.x.x : user = test

I need the tunnel group name(for authorization) with username to be sent to the RSA server.

AAA user authentication Successful : server = 10.210.x.x : group= tunnel : user = test

Is there any good documents about this?


Correct Answer by bwilmoth about 8 years 5 months ago

You can create group mappings for some external user databases based on the combination of external user database groups to which users belong. The following database types are the external user database types for which you can create group mappings based on group set membership:

Windows domains.

Generic Lightweight Directory Access Protocol (LDAP).

The following URL may help you in configuring group mapping:

http://www.cisco.com/en/US/docs/net_mgmt/cisco_secure_access_control_server_for_solution_engine/4.0/user/guide/qg.html#wp940457


  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
Correct Answer
bwilmoth Thu, 12/04/2008 - 07:07
User Badges:
  • Silver, 250 points or more

You can create group mappings for some external user databases based on the combination of external user database groups to which users belong. The following database types are the external user database types for which you can create group mappings based on group set membership:

Windows domains.

Generic Lightweight Directory Access Protocol (LDAP).

The following URL may help you in configuring group mapping:

http://www.cisco.com/en/US/docs/net_mgmt/cisco_secure_access_control_server_for_solution_engine/4.0/user/guide/qg.html#wp940457


Actions

This Discussion