cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
598
Views
0
Helpful
1
Replies

AnyConnect Essentials VPN - User level access-control with AD authentication

smunzani
Level 1
Level 1

Team,

Below is my setup with VPN.

1. Cisco ASA5525-X running 6.6.1 code with AnyConnect Essentials license

2. Internet Authentication Service(IAS) running on windows 2008 server with active directiory

3. 100+ VPN users. I can divide them in 5 categories. Admins, Employees, Vendors(each vendor with different access), Customers(each customer with different access)

Some people say best approach is DAP, while some say group policies. However I have yet to come across an example config that shows how you can really limit the access via group membership on AD or any other methods.

Any suggestions?

1 Reply 1

Jennifer Halim
Cisco Employee
Cisco Employee

You can configure LDAP and use LDAP to assign each user to a particular group-policy.

Here is the sample config for your reference:

http://www.cisco.com/en/US/products/ps6120/products_configuration_example09186a00808d1a7c.shtml

Hope that helps.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: