VPN Clients connecting to an ASA box with different rules.
I have a set of different VPN clients connecting to an ASA.
I would like to set up different rules for every client (some users are able to access certain parts of the network and other users will only be allowed to other portions).
My assumption is that this can only be done through AAA and CSS, but I am not sure if there is any other way to do it unless I assign a static/single IP address to each user and make my access-list bigger. I'll appreciate any input on the matter.
Re: VPN Clients connecting to an ASA box with different rules.
Adding to what you suggested, you could create separate tunnel-groups with different address pools. Then write your acl's for those networks. Hopefully the vpn-filter acl will evolve as a useful alternative instead, but I'm yet to see it work properly.
Login to the FXOS chassis manager.
Direct your browser to https://hostname/, and log-in using the user-name and password.
Go to Help > About and check the current version:
Check the current version availa...
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...