I'm trying to configure the ASA appliance so that a user will be dynamically placed into a particular tunnel group based on an attribute returned from Cisco Secure ACS when the user is authenticated. I have been able to accomplish this on the Cisco VPN 3000 concentrator by returning the IETF Radius Attribute  Class. I need assistance trying to configure the same behavior in the ASA.
On the ACS server - the OU should be the group-policy to which the users should be connected to (group-policy configured on the ASA) and on the group-policy you can specify the group-lock feature to lock the user into the specified tunnel-group.
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...