Fly, There's actually a slightly better option.
Send all your users the same profile, and use RADIUS to select the actual VPN3000 group they will be using. Set it up so that the group in their profile has extremely limited access. http://www.cisco.com/warp/public/471/altigagroup.html Thanks, Shawn Fly Ers wrote: > > We are currently using rsa ace server to authenticate vpn clients connecting > to vpn3000 concentrator. we will need to create different groups depending > on users function, thus several pcf files will need to be deployed. we will > need to restrict users to a particular vpn concentrator group. For example, > a user inadvertently receives the wrong pcf file, we want to be able to deny > that user access or limit his/her access. any recommendations appreciated. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=51838&t=51798 -------------------------------------------------- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]