Two questions: IM inspection and SSH access via LDAP
I have two unrelated questions.
Background: I am running an ASA 5505, 8.0.4, using direct LDAP for VPN authentication. No RADIUS or TACACS+ server.
1. In regards to IM inspection, I have been able to configure my ASA to filter based on a particular user name signing in to Yahoo IM. I set the action to log; however, whenever I log in using that account to test, the ASA drops the connection. It does not drop when using other usernames. I checked the policy setting and it keeps defaulting back to drop instead of log only. Any way around this to just log when a given username is used to sign in?
2. I am trying to set up my ASA so that I can control who logs in via SSH (ideally any management access) via LDAP. I can get the authentication to work, but I would like to restrict it to a given group or groups, the same way that I have the VPN set up to match an LDAP group. Is this possible and how should I proceed?