Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people, just like you, are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
Solved

Setup ACL Cisco ASDM 6.1 (Cisco 5510 series) for Clientless VPN - LDAP/Local

Posted on 2009-07-14
3
869 Views
Last Modified: 2013-12-24
Hey guys.

I am in the middle of setting up a clientless VPN and everything seems to be set (minus certificate, but that doesnt matter right now) but I can't seem to get each custom portal to be its own.

What I am saying is simply, How can I restrict access to other custom portals?

I've already configured Group Policys, AAA Server Groups and LDAP Maps. Two connection profiles have been set as well enabling the drop down menu at login. The problem is, any user with the right password can visit either custom page/portal. Im not sure if I configured the LDAP Map correctly or AAA Groups for that matter.

I also noticed a Web ACL option/setup. Would that by any chance be helpful to my question? If so, I could use some help in setting it up. If there is any screencaptures you would like or current running config let me know. Im a noob on routers at the moment and just started my routing classes on cisco.

I just want controlled access to portals and AD to work, I believe it worked at one point so there must be something that was changed.

ie. User 1 selects Admin = Prohibited User 1 must select Users to proceed
ie. Vendor 1 selects Users/Admin/Other = Prohibited Vendor 1 must select Vendors to proceed
loginwindow.jpg
0
Comment
Question by:zenki_fc
  • 2
3 Comments
 
LVL 15

Accepted Solution

by:
bkepford earned 250 total points
ID: 24850826
Lookup Dynamic Access Policies (DAP) that should get you what you're looking for.
0
 
LVL 1

Author Comment

by:zenki_fc
ID: 24851486
Well I fixed it :)

it turns out my objects in AD were moved around and the existing map I had configured on the asdm was "invalid" after correcting the paths in ldap-map on cisco and changing some properties in the advanced menus of the tunnel groups I was able to successfully isolate or "point" each user to the right portal.

Now, when Administrators log in they get all the networking functionalities while users and vendors are limited to protocols and other services.

Thanks for your quick response Bkepford!
0
 
LVL 1

Author Closing Comment

by:zenki_fc
ID: 31603303
Though the accepted solution is not exactly how the problem was solved it was indeed related to my initial request.
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Quality of Service (QoS) options are nearly endless when it comes to networks today. This article is merely one example of how it can be handled in a hub-n-spoke design using a 3-tier configuration.
When it comes to protecting Oracle Database servers and systems, there are a ton of myths out there. Here are the most common.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Windows 10 is mostly good. However the one thing that annoys me is how many clicks you have to do to dial a VPN connection. You have to go to settings from the start menu, (2 clicks), Network and Internet (1 click), Click VPN (another click) then fi…

856 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question