cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
274
Views
0
Helpful
1
Replies

Clientless SSL VPN - Can I restrist what users can access?

jamesgonzo
Level 1
Level 1

Hi,

I have just started to play around with Clientless SSL VPN on my ASA 5520, I have installed the VNC, RDP, plugins but I can't see a way to lockdown user access, so if "User A" logs in he gets different access to "User B" at the moment if any user logs in (including a non admin) they can see all the bookmarks etc and get the same access each.

I have an external company I only need to access one website too.#

I hope you can shed some light.

Thanks

1 Reply 1

bwilmoth
Level 5
Level 5

To lockdown the user access you can use the command called “group-lock {value tunnel-grp-name | none}” in group-policy configuration mode. It is used to specify whether to restrict remote users to access only through the connection profile. Group-lock restricts users by checking if the group configured in the VPN client is the same as the connection profile to which the user is assigned. If it is not, the security appliance prevents the user from connecting. If you do not configure group-lock, the security appliance authenticates users without regard to the assigned group. Group locking is disabled by default.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: