Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Locking users in a specific Group -- remote access IPSec VPN on ASA

Hi, Experts,

I am working on a project  trying to setup Remote Access IPsec VPN  for my customer. I am using a ASA 5520 terminating  VPN.  The authentication path is like this: ASA5520 --- ACS 3.2 ---- Token Server.  The Token server has accounts for all the employees of the company. The ACS server does not have any static accounts configured, it simply forward the Radius request to the Token server.  The Remote Access IPsec VPN is designed for sales department use only. I have setup the system, but under the current setup, anyone that has a token card can pass the authentication and connect to the VPN.

My question is: how to configure the ASA or ACS server to allow ONLY sales persons to connect to the VPN while using the company provided Token card.

Thanks a lot!

Everyone's tags (5)

Re: Locking users in a specific Group -- remote access IPSec VPN

CreatePlease login to create content