FTD Group Policy Objects
A group policy is a set of attribute and value pairs, stored in a group policy object, that define the remote access VPN experience. For example, in the group policy object, you configure general attributes such as addresses, protocols, and connection settings.
The group policy applied to a user is determined when the VPN tunnel is being established. The RADIUS authorization server assigns the group policy, or it is obtained from the current connection profile.
Note | There is no group policy attribute inheritance on the FTD. A group policy object is used, in its entirety, for a user. The group policy object identified by the AAA server upon login is used, or, if that is not specified, the default group policy configured for the VPN connection is used. The provided default group policy can be set to your default values, but will only be used if it is assigned to a connection profile and no other group policy has been identified for the user. |
To use group objects, you must have one of these AnyConnect licenses associated with your Smart License account with Export-Controlled Features enabled:
-
AnyConnect VPN Only
-
AnyConnect Plus
-
AnyConnect Apex