Same username in different Active Directory Groups...
I am having the following issue with VPN authentication. I'm using a VPN 3000 concentrator for VPN access to the corporate network, I have a cisco secure ACS to map Active Directory users and provide authentication to the network.
Now, inside ActiveDirectory I have several usernames repeated and the only way I have so far to differentiate between each other is to group them in different active directory groups. The problem is that each one of this groups have different privileges and access characteristics and I don't know if there is a way to force the VPNClient->Concentrator->ACS->ADS to choose the user within the right group, that is to say
Is there any way to accomplish this behaviour? Could this be possible defining different VPN authentication groups in the VPN concentrator for each Active Directory Group?
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...