Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Community Member

pix 515 and group-policy

Hello,

how many group-policy can I configure on PIx 515E with release 7.x?

Thanks in advance

B.

7 REPLIES

Re: pix 515 and group-policy

What are you warried about?

Community Member

Re: pix 515 and group-policy

The number of group-policy is important for me because I've many vpn-client sessions that refer to only one vpn-group.

By radius I authenticate the user and I send to pix the name of group policy that contains the specific address-pool and the split-tunneling acl.

In this way I can associate per-user the address-pool and the split-acl.

The best way would be to have only one group-policy and to send by radius the name of addrress pool and the name of split acl but the pix seems no support these parameters.

Thanks B

Re: pix 515 and group-policy

But why do you want to assign different IP Pools for 'each user'?

Regards

Farrukh

Community Member

Re: pix 515 and group-policy

I must assign a different pool address because in the second level firewall connected to the pix I have only IP address to identify the users

Re: pix 515 and group-policy

Well then you can use a DHCP server also (instead of AAA).

Regards

Farrukh

Community Member

Re: pix 515 and group-policy

I haven't a dhcp server and I wouldn't to set the pix as dhcp .

Re: pix 515 and group-policy

Well it should be at least as much as the 'No of VPN Tunnels' supported on the box.

Regards

Farrukh

213
Views
5
Helpful
7
Replies
CreatePlease to create content