Hello, I am trying to setup above.
My idea is allow only SSL clients, they have a certificate, but maybe I didn't get the concept behind.
I am using local AAA server and did setup users in local AAA database, including group policy, tunel ACLs etc.
I did set up the local CA, created Identity certs, users and its respective certificates in local CA DB.
The relation between users in both databases seems unclear to me. Is the username the link between them ?
How can I define the policy for an user with certificate or how to bind a certificate to the user in local AAA database ?