Hi,
Anyone tell me where I am making mistake or missing.
I have a ASA with 8 different tunnel groups for IPsec vpn. IPsec working fine, and tested. we have some 100+ users using RSA token. RSA integrated with ACS 5.4 and authentication working fine.
My goal is...
any user using (example ABC tunnel-group and ABC group-policy) ABC tunnel-group should get ABC group policy. same like for all the 8 groups.
and the troubles is to match the incoming tunnel-group in ACS access-policy. I can use the radius class 25 attribute to tell the ASA to select the particular group-policy. its working. But how could I match the incoming tunnel-group. Which radius attribute should I use? or any other method. I am not sure what i am missing...
Regards
Kumar