Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Community Member

Dynamic tunnel assingment

I'm trying to configure the ASA appliance so that a user will be dynamically placed into a particular tunnel group based on an attribute returned from Cisco Secure ACS when the user is authenticated. I have been able to accomplish this on the Cisco VPN 3000 concentrator by returning the IETF Radius Attribute [25] Class. I need assistance trying to configure the same behavior in the ASA.

Thanks!

1 ACCEPTED SOLUTION

Accepted Solutions
Community Member

Re: Dynamic tunnel assingment

Attached is a document I wrote on how to accomplish this on an ASA 7.2(2) with RSA Authentication Manager (Funk Radius server built-in)...

2 REPLIES
Community Member

Re: Dynamic tunnel assingment

Attached is a document I wrote on how to accomplish this on an ASA 7.2(2) with RSA Authentication Manager (Funk Radius server built-in)...

Cisco Employee

Re: Dynamic tunnel assingment

On the ACS server - the OU should be the group-policy to which the users should be connected to (group-policy configured on the ASA) and on the group-policy you can specify the group-lock feature to lock the user into the specified tunnel-group.

Hope this helps.

Let me know if you have any questions.

Cheers,

Gilbert

174
Views
3
Helpful
2
Replies
CreatePlease to create content