Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 
New Member

VPN Group Assignment Based on RSA/ACE Groups

I'm currently using a PIX515E to terminate Cisco VPN client tunnels. I would like to assign users to different VPN groups on the firewall based on what group they are members of on our RSA/ACE server.

The only way I see to designate group membership is within the pcf file on the clients machine. I don't want to rely on the security of our pcf files for group membership.

Is it possible to use RSA ACE groups to dictate what VPN group users are assigned to? If not on the PIX515E can another Cisco product do this? And are there instructions somewhere for getting this solution to work.

CreatePlease to create content