Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1313
Views
5
Helpful
4
Replies

Downloadable ACL -- WebVPN

eric_stephens
Level 1
Level 1

‎10-13-2010 10:48 AM

Is it possible to use a Downloadable ACL from the ACS for a WebVPN?

Labels:
0 Helpful
4 Replies 4

eric_stephens
Level 1
Level 1
In response to fadlouni

‎10-21-2010 07:52 AM

Thanks for the response, Fadi.

One of the things we're hoping to do is to create a "shared" Web ACL.  On the ACS you can create "Downloadable IP ACLs" but from there you can't do Web ACLs.  So it sounds like for each individual user we'd have to do in and enter the Web ACL manually.  Does that make sense?  Do you know if there's a way to create a shared Web ACL?

0 Helpful

eric_stephens
Level 1
Level 1
In response to eric_stephens

‎10-21-2010 07:55 AM

I did see that there's a way to create Web ACLs under the Dynamic Access Policies in the ASDM.  However, that's only for all-permit or all-deny entries.  We'd like to have entries that filter on specific URLs.

0 Helpful

fadlouni
Level 1
Level 1
In response to eric_stephens

‎10-21-2010 12:11 PM

Indeed DAP webvpn acls won't work if you mix deny and permit. also ACS downloadable access-lists only support ip acls not webvpn.

to save time on configuring this for every users, you can group the same type of users under a group and apply the webvpn acl on the group level.

Hope this helps.

Regards,

Fadi.

0 Helpful
Customers Also Viewed These Support Documents