[c-nsp] ASA ssl webvpn question

Ryan West rwest at zyedge.com
Tue Jan 11 07:34:54 EST 2011


dalton wrote:
> Hi all,
> I am in the process of reading through docs etc on this, but was 
> hoping someone maybe has done this before and can give me a quick answer.
> 
> I have an ASA running ssl vpn as well as normal remote access (cisco client based).
> What I am trying to do is exclude 1 particular user from using the ssl vpn.
> 
> Is there a way to do this via tunnel-group or group-policy?
> 
> Thanks for any insight.

It depends on where your user database is.   You can assign group-policy membership on the ASA for each user, via RADIUS attributes, or through an LDAP dig.  You can use DAP to combine the responses as well.  Each group policy can have specific vpn-tunnel-protocols assigned to it.

-ryan 



More information about the cisco-nsp mailing list