Cisco Bug: CSCvv68330 - ENH: Option to disconnect VPN session based on Group Policy
Sep 23, 2020
- Cisco ASA 5500-X Series Firewalls
Known Affected Releases
Symptom: For certain cases where customers are using AnyConnect, there are scenarios where there is only one connection profile or tunnel-group configured but there might be multiple group policies. Group policy assignment might be through a RADIUS server or through a LDAP Attribute map. But we do not have the option to disconnect a session using the group policy (in case there are changes made to a group policy which need reconnection from all users of that particular group policy). The only suitable options left are to disconnect users on the base of the Username (which takes a long time if the customer has 1000's of users) or using the tunnel group (which will disconnect all users). We need to have a CLI which allows us to clear the VPN sessions of users getting assigned a particular group policy (A CLI similar to the tunnel group option we currently have). Conditions: Using RA VPN with a single connection profile and multiple group policies and need to disconnect users of a specific group policy.
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.
Bug Details Include
- Full Description (including symptoms, conditions and workarounds)
- Known Fixed Releases
- Related Community Discussions
- Number of Related Support Cases