Hello Cisco Community,
I am looking for an easy way to create a new access profile on my Cisco ASA 8.4.7 (using AnyConnect) and filtering the public source ip addresses authorized to connect to one specific remote access profile.
I wanted to create a new DAP entry in my table with a well known remote user attribute by the ASA: the remote user public ip address where anyconnect is initiating the VPN connection from. But after reading all the Cisco guides, I see no aaa attribute which I may use in a LUA custom condition to filter the source IP address of my remote users. Is there a non referenced attribute containing the user public ip address which I can use in a DAP record ?
Do you see any other ASA implementation where I may filter the source ip address considering that there are other connection profiles on the same ASA gateway which may not be impacted by this filtering condition ? --> so no interface ACL possible.
Thanks for your help,
Joan