WebVPN Tunnel-Group Aliases and URLS

Answered Question
Feb 3rd, 2009

Hi,

<br />

<br />I have a requirement to create a new group policy and a new tunnel-group and apply it to a webvpn user account

<br />

<br />

<br />The web vpn is working fine without any issues when I give a new name under Group Aliases and URL

<br />

<br />My requirement is to use the existing Group Alias for this new tunnel-group. When I enter the existing alias it says it is already used by other tunnel-group

<br />

<br />Please help

I have this problem too.
0 votes
Correct Answer by Farrukh Haroon about 7 years 11 months ago

If you use the same group-alias for two tunnel-groups, then how will the firewall distinguish between the two? Let say, as per your requirement you want to have the group-alias 'securevpn' for two tunnel-groups, TG1 and TG2. Now how will the firewall map a user landing on this alias to a group? TG1 or TG2? round-robin? :). This is not possible AFAIK.

Please rate if helpful.

Regards

Farrukh Haroon

CCIE # 20184 (Security)

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 4 (1 ratings)
Loading.
Correct Answer
Farrukh Haroon Fri, 02/06/2009 - 22:04

If you use the same group-alias for two tunnel-groups, then how will the firewall distinguish between the two? Let say, as per your requirement you want to have the group-alias 'securevpn' for two tunnel-groups, TG1 and TG2. Now how will the firewall map a user landing on this alias to a group? TG1 or TG2? round-robin? :). This is not possible AFAIK.

Please rate if helpful.

Regards

Farrukh Haroon

CCIE # 20184 (Security)

csaravanan-sym Mon, 02/09/2009 - 14:53

Hi Farrukh,

Thanks for explaining me the concept. It helped me understand that you cannot have two tunnel-groups with the same alias

Thanks,

Chandru

Actions

This Discussion