
two questions: IM inspection and SSH access via LDAP

ryancolson
Level 1

I have two unrelated questions.

Background: I am running an ASA 5505, 8.0.4, using direct LDAP for VPN authentication. No RADIUS or TACACS+ server.

1. In regards to IM inspection, I have been able to configure my ASA to filter based on a particular user name signing in to Yahoo IM. I set the action to log; however, whenever I log in using that account to test, the ASA drops the connection. It does not drop when using other usernames. I checked the policy setting and it keeps defaulting back to drop instead of log only. Any way around this to just log when a given username is used to sign in?

2. I am trying to set up my ASA so that I can control who logs in via SSH (ideally any management access) via LDAP. I can get the authentication to work, but I would like to restrict it to a given group or groups, the same way that I have the VPN set up to match an LDAP group. Is this possible and how should I proceed?

1 Reply

Marwan ALshawi
VIP Alumni

Can you post your config for the first question?

Then we can find if there is an error in the config or not.
