×
INTELLIGENT WORK FORUMS
FOR COMPUTER PROFESSIONALS

Log In

Come Join Us!

Are you a
Computer / IT professional?
Join Tek-Tips Forums!
  • Talk With Other Members
  • Be Notified Of Responses
    To Your Posts
  • Keyword Search
  • One-Click Access To Your
    Favorite Forums
  • Automated Signatures
    On Your Posts
  • Best Of All, It's Free!

*Tek-Tips's functionality depends on members receiving e-mail. By joining you are opting in to receive e-mail.

Posting Guidelines

Promoting, selling, recruiting, coursework and thesis posting is forbidden.

Students Click Here

Cisco ASA Clientless VPN and AnyConnect VPN

Cisco ASA Clientless VPN and AnyConnect VPN

Cisco ASA Clientless VPN and AnyConnect VPN

(OP)
Is there a way to allow access to Clientless (webvpn) for some users but not to AnyConnect? We want powerusers to use AnyConnect and normal users to use the Clientless. Right now all users can access either one. We're using IAS RADIUS for authentication. Thanks.

RE: Cisco ASA Clientless VPN and AnyConnect VPN

You will have to map your vpngroups to a policy via IAS.

RE: Cisco ASA Clientless VPN and AnyConnect VPN

(OP)
How do I tell Cisco which policy in IAS to use? The only information that I can configure in Cisco are IAS' IP address, secret key and encryption type.
Thanks.

RE: Cisco ASA Clientless VPN and AnyConnect VPN

On the ASA create two group-policies; power_users_policy and users_policy (for example). In the power_users_policy be sure to add vpn-tunnel-protocol webvpn and in users_policy add vpn-tunnel-protocol svc. In Windows create two groups, VPN_power_users and VPN_users (as an example); add your users to each group. In IAS create two policies; VPN_power_users_policy and VPN_users_policy. Edit each policy and be sure to use Windows-Groups as a policy condition and add VPN_power_users into one policy and VPN_users into the second policy. Click Edit profile and go to the Advanced tab. Click add. Find the Class attribute and add it. In the space provided type in OU=power_users_policy (in exact case) and add OU=users_policy (in exact case) in the second policy.  

I hate all Uppercase... I don't want my groups to seem angry at me all the time! =)
- ColdFlame (vbscript forum)

Red Flag This Post

Please let us know here why this post is inappropriate. Reasons such as off-topic, duplicates, flames, illegal, vulgar, or students posting their homework.

Red Flag Submitted

Thank you for helping keep Tek-Tips Forums free from inappropriate posts.
The Tek-Tips staff will check this out and take appropriate action.

Reply To This Thread

Posting in the Tek-Tips forums is a member-only feature.

Click Here to join Tek-Tips and talk with other members! Already a Member? Login


Close Box

Join Tek-Tips® Today!

Join your peers on the Internet's largest technical computer professional community.
It's easy to join and it's free.

Here's Why Members Love Tek-Tips Forums:

Register now while it's still free!

Already a member? Close this window and log in.

Join Us             Close