Community Spotlight Award,
Best Publication, May 2016
I'm using Windows 2003 IAS to do authentication for my ASA ver 8.0.4.
On the ASA I use group policy's and vpn-filter along with access-lists to control the access that IPSEC VPN users have. The access-list allows access to a common pool of servers that all need access to and deny's access to the rest of the network.
I have a bunch of users that when on the VPN they need RDP access to their PC. Up to this point I have been just adding a new permit line to the access-list that's attached to vpn-filter. This has worked however it also allows UserA access to UserB and UserC's PC. This is quickly growing into swiss cheese with all the holes.
I'm looking for a way to give access to UserA to her PC but not UserB and UserC's PC and also allow all users access to the common server pool.
Any ideas ? Thanks Much!