Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
192
Views
0
Helpful
1
Replies

VPN3005 - can I use 2 groups, 1st with unlimited access, 2nd with security

david.bradley
Level 1
Level 1

‎10-18-2002 04:56 AM - edited ‎03-09-2019 12:43 AM

Firstly I have never use a VPN3000 concentrator..

---

I have two sets of users

1. Trusted company users using remote access VPS.

2. Less trusted sister company users using remote VPN.

I would like to use an external RADUIS server for user authentication.

-----

I would like to do the following-

Allow the trusted users to authenticate and allow them full access to the internal network.

I want less trusted users to authenticate and only allow limited access (to specific servers)

Can this be sone effectively?

If so how does this work?

I know you can set up "groups" but how does this work and how does the VPN3000 know which type of user applies to each group?

Thanks,

Dave

Labels:
0 Helpful
1 Reply 1

edadios
Cisco Employee
Cisco Employee

‎10-20-2002 04:54 PM

Setup 2 internal groups on the concentrator. Then for the ipsec authentiaction, set radius. http://www.cisco.com/warp/public/707/CiscoSecure.html . This will get the users be authenticated viua a radius.

Then look at this sample for the filtering:

http://www.cisco.com/warp/public/471/filter.html .

Regards,

0 Helpful
Customers Also Viewed These Support Documents