We have a number of Employees and 3rd Party users who access our VPN. The 3rd parties are from different organisations as they support different pieces of kit. Both may be in multiple AD Groups as both work internally and externally at times.
Upto now we have used an LDAP attribute map to place users in different groups e.g. Employees or Contractors.
I am looking to deploy some Cisco 5525X's and want to use DAP to get more granular on the privileges assigned to Contractors.
Is it possible to somehow identify say Contractor 1 from Contractor 2 through DAP by matching on the different AD Groups that Contractor 1 may be in versus Contractor 2. Separation in this way then allows me to use downloadable ACL's etc.
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...