Setup ACL Cisco ASDM 6.1 (Cisco 5510 series) for Clientless VPN - LDAP/Local

Hey guys.

I am in the middle of setting up a clientless VPN and everything seems to be set (minus certificate, but that doesnt matter right now) but I can't seem to get each custom portal to be its own.

What I am saying is simply, How can I restrict access to other custom portals?

I've already configured Group Policys, AAA Server Groups and LDAP Maps. Two connection profiles have been set as well enabling the drop down menu at login. The problem is, any user with the right password can visit either custom page/portal. Im not sure if I configured the LDAP Map correctly or AAA Groups for that matter.

I also noticed a Web ACL option/setup. Would that by any chance be helpful to my question? If so, I could use some help in setting it up. If there is any screencaptures you would like or current running config let me know. Im a noob on routers at the moment and just started my routing classes on cisco.

I just want controlled access to portals and AD to work, I believe it worked at one point so there must be something that was changed.

ie. User 1 selects Admin = Prohibited User 1 must select Users to proceed
ie. Vendor 1 selects Users/Admin/Other = Prohibited Vendor 1 must select Vendors to proceed
loginwindow.jpg
LVL 1
zenki_fcAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

bkepfordCommented:
Lookup Dynamic Access Policies (DAP) that should get you what you're looking for.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
zenki_fcAuthor Commented:
Well I fixed it :)

it turns out my objects in AD were moved around and the existing map I had configured on the asdm was "invalid" after correcting the paths in ldap-map on cisco and changing some properties in the advanced menus of the tunnel groups I was able to successfully isolate or "point" each user to the right portal.

Now, when Administrators log in they get all the networking functionalities while users and vendors are limited to protocols and other services.

Thanks for your quick response Bkepford!
0
zenki_fcAuthor Commented:
Though the accepted solution is not exactly how the problem was solved it was indeed related to my initial request.
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Databases

From novice to tech pro — start learning today.