Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Community Member

Different vpn user with different portal using same logon page

We are going to enable VPN access on ASA5585X. We would like to have the same web login page for all users.

By authenticating the user against an ISE, which forwards the authentication request to Active directory servers, a specific web portal page is presented to different groups of user. Can it be accomplished on the ASA using dynamic access policies? Or any other workaround?

Thanks a lot.

3 REPLIES

Different vpn user with different portal using same logon page

Hello Daniel,

So you want to show the login page for any user even if they belong to different tunnel-groups?

Is that what you are asking?

I think that you could use group-locks and then with that you will bypass any drop-down list and just make sure the banners, etc information is the same for all of them!.

Not sure if that was what you were asking...

For more information about Core and Security Networking follow my website at http://laguiadelnetworking.com

Any question contact me at jcarvaja@laguiadelnetworking.com

Cheers,

Julio Carvajal Segura

Julio Carvajal
Senior Network Security and Core Specialist
CCIE #42930, 2xCCNP, JNCIP-SEC
Community Member

Re: Different vpn user with different portal using same logon pa

Yes I want all users to see the same login page even if they belong to different tunnel-groups.

After logging in they would only see resources that they are allowed to access.

The user accounts are all in the Active directory. Can I still use group locks?

Re: Different vpn user with different portal using same logon pa

Hello Daniel,

Yes, U should.

Here is one discussion about group-locks via ACS (I know you are using ISE). You can see at least the logic behind it and the attribute values being mapped

https://supportforums.cisco.com/thread/2063181

For more information about Core and Security Networking follow my website at http://laguiadelnetworking.com

Any question contact me at jcarvaja@laguiadelnetworking.com

Cheers,

Julio Carvajal Segura

Julio Carvajal
Senior Network Security and Core Specialist
CCIE #42930, 2xCCNP, JNCIP-SEC
153
Views
0
Helpful
3
Replies
CreatePlease to create content