Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

PIX, ASA or VPN concentrator & dynamic VPN

Hi all,

I need help what to use and how to do next.

What we need is to create remote VPN for many users so that every user is member of more than one group and every group is linked to predefined set of rules, for instance you can access this IPs, ports and so on.

How to do that dynamically? Is it possible to do that with one certificate?

Other question is what to use? ..PIX, ASA, VPN concentrator ?

BR

jl

3 REPLIES

Re: PIX, ASA or VPN concentrator & dynamic VPN

The PIX and VPNC are both end of sale products now and unless you already have them your only choice is IOS or ASA. Of those two the ASA is the Cisco preffered platform for Remote Access VPNs.

You can map users to groups using Active Directory OUs, let them select a group at logon, have different logon URLs per group etc. However as far as I know this is not possible:

"every user is member of more than one group "

Some links:

http://www.cisco.com/en/US/products/ps6120/products_configuration_example09186a008089149d.shtml

http://www.cisco.com/en/US/products/ps6120/products_configuration_example09186a00808bd83d.shtml

With remote access IPSEC VPNs you can either define the groups on the ASA or externally on the ACS Server.

Pls. rate if helpful.

Regards

Farrukh

Re: PIX, ASA or VPN concentrator & dynamic VPN

Does you question relate to RemoteAccess IPSEC or SSL VPNs?

Regards

Farrukh

Gold

Re: PIX, ASA or VPN concentrator & dynamic VPN

115
Views
0
Helpful
3
Replies
CreatePlease login to create content