VPN authenticating to active directory, how to restrict users
I currently have my ASA authenticating VPN users against Active Directory in conjunction with the Cisco VPN Client. I got this working great, but it seems like anyone with the client is able to authenticate. In Active Directory, under the Dial-in tab for a user, there is a Remote Access Permission.
There are options for Allow Access
Control through remote access
If I have deny selected, they can still VPN in.
Please tell me if there is any way to accomplish this or a workaround. Thanks.
Re: VPN authenticating to active directory, how to restrict user
I can tell you I'm almost sure there is no document at cisco.com good enough to explain that to you, so I've written a document myself. I'm sorry, it's in Portuguese (my language); you can use a translator to understand it.
There is no explanation of the IAS configuration in this document, but you said you have it already.
We have configured the outside and inside interfaces with official IPv6 addresses, set a default route on the outside interface to our router, and we have also defined a rule, which also gets hits, to permit TCP from the inside interface to any6.
In Syslog I also se...