08-10-2009 09:30 AM
i want to configure Web vpn in the following scenario
-authentication from the ACS ,& on the same Web vpn certain users will have the privilege to download the ssl client , other users don't have the privilege to download the ssl client ( work as clientless ssl vpn only) ,
is this applicable or not ,& is there any reference
08-10-2009 11:28 PM
if you are using Radius protocol then you can define 2 group policy on the ASA and assign any specific group policy based on the attribute returned from the ACS.
here is the config example to apply different group policy for users.
in one group policy you can define the web vpn thin client config and in the other group policy you can define either both or only ssl with full tunnel mode.
hope this help...
regards
-Syed
08-11-2009 10:10 AM
Thanks for your reply ,
but after i configured the group policies on asa & radius attributes on the acs , what is the command that is configured under the group policy to identify it to work as web vpn thin client or as ssl with full tunnel mode
08-11-2009 11:36 AM
here is the example for ssl vpn (webvpn) configuration:
http://www.cisco.com/en/US/products/ps6120/products_configuration_example09186a00806ea271.shtml
and here is the sample config for ssl full client config:
http://www.cisco.com/en/US/products/ps6120/products_configuration_example09186a008071c428.shtml
i hope this helps.
thanks
-Syed
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: