Hi all This link explains that the group name sent by the client should match XXXX of the group-lock value "XXXX"
http://www.cisco.com/en/US/docs/security/asa/asa81/command/ref/gh.html#wp1755271 This link explains that the attribute 25 class *OU=RemotePolicy* field of the user in Radius should match XXXX of group-lock value "XXXX". With ASA local database authentication the "memberof" should match XXXX of group-lock value "XXXX". http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_qanda_item09186a00805b87d8.shtml#newqa With regards Kings
_______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com
