Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

VPN3005 - can I use 2 groups, 1st with unlimited access, 2nd with security

Firstly I have never use a VPN3000 concentrator..

---

I have two sets of users

1. Trusted company users using remote access VPS.

2. Less trusted sister company users using remote VPN.

I would like to use an external RADUIS server for user authentication.

-----

I would like to do the following-

Allow the trusted users to authenticate and allow them full access to the internal network.

I want less trusted users to authenticate and only allow limited access (to specific servers)

Can this be sone effectively?

If so how does this work?

I know you can set up "groups" but how does this work and how does the VPN3000 know which type of user applies to each group?

Thanks,

Dave

1 REPLY
Cisco Employee

Re: VPN3005 - can I use 2 groups, 1st with unlimited access, 2nd

Setup 2 internal groups on the concentrator. Then for the ipsec authentiaction, set radius. http://www.cisco.com/warp/public/707/CiscoSecure.html . This will get the users be authenticated viua a radius.

Then look at this sample for the filtering:

http://www.cisco.com/warp/public/471/filter.html .

Regards,

87
Views
0
Helpful
1
Replies
CreatePlease to create content