I am trying to configure downloadable ACLs for the users and groups that will be accessing our network via RA VPN on an ASA5510.
Currently everything is working with the exception of the downloadable ACL component restricting the traffic.
THe RA config has been in place for a while using Cisco client through the ASA.
I have the ACL configured per the syntax shown, and the ACL is applied to a test user, but I can still get to everything beyond what the ACL is restricting
The tunnel groups are configured to use TACACS and not RADIUS for authentication.
I read that one of the requirements was that the authentication had to be RADIUS to use the downloadable ACL with the ACS.
Would it be easier to restrict the groups directly in the ASA appliance in the RA tunnel config?