Assign VPN Group Policy via Radius and Microsoft NPS server
I'm using Microsoft Network Policy server (formerly known as IAS server) for Radius Authentication. Is there a way to configure NPS so it will assign a VPN Group Policy on the ASA? Basically, I'd like to create multiple VPN group policies for different types of users and assign them via AD groups so when the user logs in to the VPN they get the Policy designed for them.
Re: Assign VPN Group Policy via Radius and Microsoft NPS server
Yes, this works just fine with Microsoft NPS. In a nutshell, you tell NPS to return the radius attribute 25 (It's called "Class") and assign it the value of ou=MyVPNGroupPolicy where MyVPNGroupPolicy is the name of your group policy in the ASA.
I want to say this option is under the standard radius attributes on one of the last configuration screens of the wizard. You do NOT need to configure this using an LDAP setup, you can continue to use NPS, just like you did IAS.
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...