We are implementing a new AnyConnect VPN solution using certificate based authentication. One of the key requirements is to create 3 different group polices whereby the appropriate restrictions will be applied. The requires that user recieve IP addresses from different pools and filtering will be applied based on these incoming addresses.
I am trying to achieve the following:
1. Being certificate based authentication, user is not required to enter login credentials. The user certificate should be used to authenticate the user. (this is currently working)
2. Based on the "some attribute" in the certificate -> I want to map the user to a specific group policy on the ASA and ultimately to the corresponding group on LDAP. This way, the filtering on the group policy will then kick in.
Login to the FXOS chassis manager.
Direct your browser to https://hostname/, and log-in using the user-name and password.
Go to Help > About and check the current version:
Check the current version availa...
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...