cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
751
Views
0
Helpful
4
Replies

Smart tunnel access using a dynamic access policy

rluyster
Level 1
Level 1

Is there a way to define a smart tunnel list to a specific dynamic access policy.

I need to tunnel different applications depending upon the group users are assigned to within AD. Since the DAP seems to use the DftGrpPolicy, I do not want to define the smart tunnel list on that policy since it would hand it out to all users, but I have been unable to find where this can be added.

4 Replies 4

owillins
Level 6
Level 6

Dynamic access policies (DAP), a new feature introduced in software release v8.0 code of the Adaptive Security Appliance (ASA), enable you to configure authorization that addresses the dynamics of VPN environments. You create a dynamic access policy by setting a collection of access control attributes that you associate with a specific user tunnel or session. These attributes address issues of multiple group membership and endpoint security.

http://www.cisco.com/en/US/products/ps6120/products_white_paper09186a00809fcf38.shtml#t3

williamelkin
Level 1
Level 1

Have you figured this out. I am tring to do the same thing.

Sorry to say, but no, I finally set it up to start all the STs on the default policy, not the best solution, but at least it works.

gabrielcossette
Level 1
Level 1

Hi,

I'm also trying to do the same thing on the latest ASA 8.4 without success.

Anyone knows if Cisco is planning to add that feature later on?

Thanks.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: