This Howtos posted under: Cisco, Firewall | Total Visitors Till Now: 1,205

How to configure group lock through the RADIUS server on an ASA

In order to configure group lock, send the group policy name in the class attribute 25 on the Remote Authentication Dial-In User Service (RADIUS) server and choose the group to lock the user into within the policy.

For example, in order to lock the Cisco 123 user into the RemoteGroup group, define the Internet Engineering Task Force (IETF) attribute 25 class OU=RemotePolicy; for this user on the RADIUS server.

Refer to this configuration example in order to configure group lock on an Adaptive Security Appliance (ASA):

group-policy RemotePolicy internal
group-policy RemotePolicy attributes
dns-server value x.x.x.x
group-lock value RemoteGroup

tunnel-group RemoteGroup type ipsec-ra
tunnel-group RemoteGroup general-attributes
address-pool cisco
authentication-server-group RADIUS-Group
default-group-policy RemotePolicy

Coolsearchinfo - A free Social Bookmarking Site

Liked this article? To continue getting our latest free Howtos and Tutorials,
you can also grab the RSS feed or Subscribe to Techgurulive by Email

Not Getting



Related posts
  • Cisco IOS Software Object-group Access Control List Bypass Vulnerability
    More: continued here ...
  • How to setup Folder Redirection In windows
    Folder Redirection is a User group policy. This means that a user for whom you configure folder redirection must have a group policy linked to some folder structure where their...