A user at home connects via SSL VPN is authenticated by Cisco ACS/RADIUS. User ends up in a specifig SSL VPN group on the ACS. This group is configured with specific properties for SSL VPN.
Now the same user comes to work with his/her private laptop and wants to access the guest wlan which our policy allows. We have a WLC4402 providing the guest wlan. User opens browser and logs in to the guest wlan, gets authenticated on the Cisco ACS/RADIUS and ends up in the same SSL VPN group.
My question is can we configure our ACS 4.1 in such way that it is context sensitive? Knows where the user is coming from and places the user in the right group accordingly?
We use LDAP group mappings and they are very static.
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...