Anyone tell me where I am making mistake or missing.
I have a ASA with 8 different tunnel groups for IPsec vpn. IPsec working fine, and tested. we have some 100+ users using RSA token. RSA integrated with ACS 5.4 and authentication working fine.
My goal is...
any user using (example ABC tunnel-group and ABC group-policy) ABC tunnel-group should get ABC group policy. same like for all the 8 groups.
and the troubles is to match the incoming tunnel-group in ACS access-policy. I can use the radius class 25 attribute to tell the ASA to select the particular group-policy. its working. But how could I match the incoming tunnel-group. Which radius attribute should I use? or any other method. I am not sure what i am missing...
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...