11-04-2010 07:50 AM
We are working on a solution to try to provide tighter control over what internal devices are accessible through VPN connections. We are trying to find a way to deliniate access based on whether or not the client connecting into our VPN is a member of our windows AD domain or not. Is there a way to limit VPN access based on hostname (or domain membership)? We are using AnyConnect for our VPN clients.
11-04-2010 09:09 AM
Take a look at DAP (dynamic access policy) on the ASA.
http://www.cisco.com/en/US/partner/products/ps6120/products_white_paper09186a00809fcf38.shtml
Hope it helps.
11-04-2010 10:48 AM
Thanks Collin. We will take a look and see if that is the solution we need.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide