authorization for ezvpn

From: C SAMARTH (samarth_04@hotmail.com)
Date: Sat Aug 25 2007 - 12:09:59 ART

• Next message: ma59 us: "test"
• Previous message: Narbik Kocharians: "Re: Is this allowed?"
• Next in thread: Jason W. Miller: "Re: authorization for ezvpn"
• Maybe reply: Jason W. Miller: "Re: authorization for ezvpn"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Hi Security Gurus,

 what is the difference when we enable authorization-required in the
tunnel-group general atrributes v/s tunnel-group ipsec attributes on the ASA.

ip local pool pool 192.168.11.1-192.168.11.254vpn-addr-assign local
tunnel-group ratunnel type ipsec-ratunnel-group ratunnel general-attributes
address-pool pool
 authorization-server-group LOCAL default-group-policy group1
authorization-required <----------------------------**
tunnel-group ratunnel ipsec-attributes pre-shared-key *
authorization-required <---------------------------- **
ASA-1(config)# sh run group-policygroup-policy group1 internalgroup-policy
group1 attributes group-lock value ratunnel vpn-idle-timeout 10

Best Wishes,
SAMARTH
CCIE #18535

• Next message: ma59 us: "test"
• Previous message: Narbik Kocharians: "Re: Is this allowed?"
• Next in thread: Jason W. Miller: "Re: authorization for ezvpn"
• Maybe reply: Jason W. Miller: "Re: authorization for ezvpn"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Sat Sep 01 2007 - 11:32:13 ART