web VPN privilege

Unanswered Question
Aug 10th, 2009
User Badges:

i want to configure Web vpn in the following scenario

-authentication from the ACS ,& on the same Web vpn certain users will have the privilege to download the ssl client , other users don't have the privilege to download the ssl client ( work as clientless ssl vpn only) ,

is this applicable or not ,& is there any reference

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
sziaulla Mon, 08/10/2009 - 23:28
User Badges:
  • Cisco Employee,

if you are using Radius protocol then you can define 2 group policy on the ASA and assign any specific group policy based on the attribute returned from the ACS.

here is the config example to apply different group policy for users.


in one group policy you can define the web vpn thin client config and in the other group policy you can define either both or only ssl with full tunnel mode.

hope this help...



davidcruise Tue, 08/11/2009 - 10:10
User Badges:

Thanks for your reply ,

but after i configured the group policies on asa & radius attributes on the acs , what is the command that is configured under the group policy to identify it to work as web vpn thin client or as ssl with full tunnel mode


This Discussion