I'm currently using the class attribute on the ACS server to map users to their correct NAC user role when they access the network via the SSL client (anyconnect) - this is all working ok.
I now need to map users coming in via the SSL clientless option to different group-policies, but the only way I can see to do this is again using the class attribute. I've tried to enter both values in the class text box, but this doesn't work.
Has anyone set this up before or is there another way I can achieve the same thing?
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...