Re: Restricting VPN 3000 Groups [7:51798]

[Shawn Heisey]

Fly,

There's actually a slightly better option.

Send all your users the same profile, and use RADIUS to select the
actual VPN3000 group they will be using.  Set it up so that the group in
their profile has extremely limited access.

http://www.cisco.com/warp/public/471/altigagroup.html

Thanks,
Shawn

Fly Ers wrote:
 
 We are currently using rsa ace server to authenticate vpn clients
connecting
 to vpn3000 concentrator.  we will need to create different groups depending
 on users function, thus several pcf files will need to be deployed.  we
will
 need to  restrict users to a particular vpn concentrator group. For
example,
 a user inadvertently receives the wrong pcf file, we want to be able to
deny
 that user access or limit his/her access.  any recommendations appreciated.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=51838t=51798
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Restricting VPN 3000 Groups [7:51798]

[Fly Ers]

We are currently using rsa ace server to authenticate vpn clients connecting 
to vpn3000 concentrator.  we will need to create different groups depending 
on users function, thus several pcf files will need to be deployed.  we will 
need to  restrict users to a particular vpn concentrator group. For example, 
a user inadvertently receives the wrong pcf file, we want to be able to deny 
that user access or limit his/her access.  any recommendations appreciated.

Thanks.

A Philly Fan



_
Send and receive Hotmail on your mobile device: http://mobile.msn.com




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=51798t=51798
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]