×

Warning message

  • Cisco Support Forums is in Read Only mode while the site is being migrated.
  • Cisco Support Forums is in Read Only mode while the site is being migrated.

Limit simultaneous IPsec connections per user across two ASA

Unanswered Question
Oct 10th, 2013
User Badges:

I have two Cisco ASA devices, providing Client-to-Site IPsec VPN. I want to configure them for RADIUS authentification (Windows NPS) and limit

simultaneous connections per user on both ASA devices. Is it possible?

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
JORGE RODRIGUEZ Tue, 10/15/2013 - 17:12
User Badges:
  • Green, 3000 points or more

Hello,


It should be possible if you use ldap which gives you more granularity than radius, if your two ASAs can point to an internal AD structure domain  I dont see why it cannot be possible. I have not come across such scenario, you will need to dig in and look into AD/ldap attribute maps / AD  group policies  etcc.. 



This link may give you some hints  


http://www.cisco.com/en/US/docs/security/asa/asa80/asdm60/selected_topics/enforce_AD.html



Regards

Actions

This Discussion

Related Content