Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

web VPN privilege

i want to configure Web vpn in the following scenario

-authentication from the ACS ,& on the same Web vpn certain users will have the privilege to download the ssl client , other users don't have the privilege to download the ssl client ( work as clientless ssl vpn only) ,

is this applicable or not ,& is there any reference

3 REPLIES
Cisco Employee

Re: web VPN privilege

if you are using Radius protocol then you can define 2 group policy on the ASA and assign any specific group policy based on the attribute returned from the ACS.

here is the config example to apply different group policy for users.

http://www.cisco.com/en/US/products/sw/secursw/ps2086/products_configuration_example09186a00808cf897.shtml

in one group policy you can define the web vpn thin client config and in the other group policy you can define either both or only ssl with full tunnel mode.

hope this help...

regards

-Syed

New Member

Re: web VPN privilege

Thanks for your reply ,

but after i configured the group policies on asa & radius attributes on the acs , what is the command that is configured under the group policy to identify it to work as web vpn thin client or as ssl with full tunnel mode

Cisco Employee

Re: web VPN privilege

here is the example for ssl vpn (webvpn) configuration:

http://www.cisco.com/en/US/products/ps6120/products_configuration_example09186a00806ea271.shtml

and here is the sample config for ssl full client config:

http://www.cisco.com/en/US/products/ps6120/products_configuration_example09186a008071c428.shtml

i hope this helps.

thanks

-Syed

251
Views
0
Helpful
3
Replies
CreatePlease to create content