I am running ASL 3.218 and have successfully created VPN connections using the 'Host to Net - Static / Dynamic - X509' document found on this site.
My question is in the area of multiple roadwarrior connections. As it stands, I have one certificate that I have distributed to a number of VPN users. I have three VPN connections defined which is associated to the one certificate that has been distributed.
Now I want to redesign my configuration that will allow for better access control by remote VPN users. In my testing, I have created a number of IPSec connections and associated those connections with unique certificates that I have created. I am using the original CA and the original Host CSR when creating the above certificates. The problem I am running into is if I disable an IPSec connection, the person with the certificate associated with that connection can still create a VPN connection. How would I go about disabling an individual users ability to successfully create a VPN connection?
Thanks for any help!
This thread was automatically locked due to age.
