WebVPN Tunnel-Group Aliases and URLS

Answered Question
Feb 3rd, 2009
User Badges:

Hi,

<br />

<br />I have a requirement to create a new group policy and a new tunnel-group and apply it to a webvpn user account

<br />

<br />

<br />The web vpn is working fine without any issues when I give a new name under Group Aliases and URL

<br />

<br />My requirement is to use the existing Group Alias for this new tunnel-group. When I enter the existing alias it says it is already used by other tunnel-group

<br />

<br />Please help

Correct Answer by Farrukh Haroon about 8 years 3 months ago

If you use the same group-alias for two tunnel-groups, then how will the firewall distinguish between the two? Let say, as per your requirement you want to have the group-alias 'securevpn' for two tunnel-groups, TG1 and TG2. Now how will the firewall map a user landing on this alias to a group? TG1 or TG2? round-robin? :). This is not possible AFAIK.


Please rate if helpful.


Regards


Farrukh Haroon

CCIE # 20184 (Security)

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 4 (1 ratings)
Loading.
Correct Answer
Farrukh Haroon Fri, 02/06/2009 - 22:04
User Badges:
  • Red, 2250 points or more

If you use the same group-alias for two tunnel-groups, then how will the firewall distinguish between the two? Let say, as per your requirement you want to have the group-alias 'securevpn' for two tunnel-groups, TG1 and TG2. Now how will the firewall map a user landing on this alias to a group? TG1 or TG2? round-robin? :). This is not possible AFAIK.


Please rate if helpful.


Regards


Farrukh Haroon

CCIE # 20184 (Security)

csaravanan-sym Mon, 02/09/2009 - 14:53
User Badges:

Hi Farrukh,


Thanks for explaining me the concept. It helped me understand that you cannot have two tunnel-groups with the same alias


Thanks,

Chandru

Actions

This Discussion