I'm not sure if I've already asked this question. Eventually, I want to have AD authentication for Client VPN. I want to have two AD security groups so they can have different permissions. How can I set this? Because right now, I have a security group called 'VPN Users', but there's no permissions.
I'd be very happy to be wrong, but I believe that we only get one user group for the client VPN, regardless of how we're authenticating our users.
@Nash is correct. You can not assign different permissions automatically.
Once a user has logged on you can assign a group policy to control what they can access and then that will stick. Bit of a pain though.
I do have group policy on the Meraki now, that's how I'm controlling permissions now. How can I do that with the AD?