I am running an ASA with multiple VPN Client groups, all authenticating against the same AAA server. Is there a way of preventing a user connecting on an individual group if the know the PSK.
What I want to be able to do is publish the PCF files internally, but prevent unauthorised access.. i.e. only users in the Finance AAA group can connect to the Finance VPN, but everyone can connect to the Users VPN group.
I want to keep as much configuration on the ASA as possibly, with just authentication on the AAA, as we may change AAA server in the future.