Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements
Step-by-Step Configuration and Troubleshooting Best Practices for the NGFW, NGIPS and AMP Technologies A Visual Guide to the Cisco Firepower Threat Defense (FTD)
Community Member

webvpn selective user

Hi,

I have configured webvpn as well and ipsec client vpn on asa 5510 7.2(3). I want webvpn to be enabled only for selected ids, at present all ipsec client vpn users are also able to login to web vpn.

Gaurang.

1 REPLY
Bronze

Re: webvpn selective user

I'm able to do it using 5510, MS 2003 AD as LDAP, and MS 2003 IAS as RADIUS.

- Create users and assign to their group in AD

- Create policy per user group. i.e. destination IP Address and ports.

User login by just knowing their username and password. Their usergroup is transparent to them, there is no drop-down list for user to select their group.

The downside of this is that you cannot assign different IP Pool per usergroup. If you want different IP Pool per user group, they wil lsee the drop-down list and they have to select their usergroup from the list. If they select the wrong usergroup, they will not be able to login. If you have too many usergroup, it wil lnot be pretty to see them all in the drop-down list.

http://www.cisco.com/en/US/docs/security/security_management/cisco_security_manager/security_manager/3.2/user/guide/pobjpage.html

113
Views
0
Helpful
1
Replies
CreatePlease to create content