Here is an overview of what I am looking to implement:
I have 3 different groups of users: "admins", "staff" and "partners".
These groups of users should each have a different level of access to internal network resources.
i.e. admins have access to all networks; staff have access to the NAS, terminal servers, printers and office computers; and partners have access to the internal web server.
This is the hardware and software I have to work with.
ASA 5510 running ASA 8.3(1)
Win2K8R2 AD DC
I can easily configure a policy on the NPS RADIUS server to authenticate users belonging to a particular AD group and then configure the ASA to use that in the connection profile. The problem is that this appears to work for one AD group only. Is there a way to configure this such that we can have a connection profile which requires a specific AD group membership and then assign group policy accordingly?
BenefitsDocumentationPrerequisiteImage Download LinksLimitationsSupported PlatformsLicense RequirementsTopologyStep-By-Step ConfigurationConfigure Virtual ServiceActivate the virtual service and configure guest IPsConfiguring UTD (Service Plane)Configurin...
Login to the FXOS chassis manager.
Direct your browser to https://hostname/, and log-in using the user-name and password.
Go to Help > About and check the current version:
Check the current version availa...
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...