Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

LDAP and Access to ASDM/SSH

I read through a couple guides and I got my VPN access working using Active Directory. The next task I am interested in taking on, is granting access to SSH and ASDM via Active Directory.

I have figured out a way to do it, but I don't like the behavior. I have created a VPN access group in Active Directory. Anyone placed into this group along side with having the Cisco VPN client software and the Group information can connect to the ASA via VPN. If I go into Device Mangement > AAA Access and enable authentication of privledged mode commands, HTTP/ASDM, and SSH for my AD Server group, I can gain access to these resources however it appears like anyone who is in the VPN group has the same level of access. I would like to create another group in active directory for ASA management and allow privilege level 15 to be applied to invidividuals in this group. How can I go about doing this? Would this be better served by a Radius server?

CreatePlease to create content