Allowing groups instead of single user access for Okta MFA with VPN for Cisco ASA.
Has anyone attempted to allow groups instead of per-user access when setting up the DAP for Okta MFA with Cisco ASA? I'm following the config document, https://support.okta.com/help/blogdetail?id=a67F0000000blQKIAY, and when I get to 'Configure the Dynamic Access Policy' I can only allow on a per-user basis. I would like to add/allow a group and avoid adding 200+ users individually.
If you look in the red rectangle, you have to allow on a per-user basis.
Thanks for posting your inquiry in Okta Community.
I think you're on the right path in setting up your environment to use DAP on Cisco ASA to control your user access on a per-tunnel or session basis. I think you can achieve your task of adding groups in DAP by changing your Cisco ASA AAA attribute configuration to point to an LDAP or RADIUS server. For this solution you need to set up your own LDAP/RADIUS server. For more information, please check this link: