Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

Connect users to Specefic VPN Connection Profiles

I am hosting two different customer enviroments behind an ASA.  I have two seperate connection profiles and two seperate usernames that are local to the ASA.  How can I configure a username to only be able to connecto to one of the connection profiles?

 

Thanks,
Chris

2 REPLIES

username user-customer

username user-customer attributes

 group-lock value tunnel-group-name

Hall of Fame Super Silver

In ASDM go to configuration >

In ASDM go to configuration > Remote Access VPN > AAA/Local Users > Local Users and select the uuser you want to modify. Choose Edit and in the window that appears, deselect the "Connection Profile (Tunnel Group) Lock" Inherit checkbox. (The default behavior is to inherit "unlocked" from the DefaultRA or WebVPN Profile for client-based (AnyConnect) and clientless SSL VPN respectively.). Then choose the profile you want to the user to be required to use. Click OK when finished, Apply and Save.

 

(edit - or like Chris posted for the cli mode equivalent)

32
Views
0
Helpful
2
Replies