Solved: Re: Remote Access to Network when AAA server is down help

dan hale · ‎01-03-2013

Hi All, I have a Cisco ASA 5510. I have configured Cisco Anyconnect to authenticate via Windows IAS. We had an outage of that server recently and I tried to remote in via anyconnect and could not. Once the IAS server came up I could get back into the network.

Is there a command that I'm missing that will let me use Anyconnect to connect into the network even if my AAA server is down?

Here is my command of the AAA part of the config....

aaa-server WindowsIAS protocol radius

max-failed-attempts 5

aaa-server WindowsIAS (inside) host 192.168.2.15

key xxxxxxxxxx

radius-common-pw xxxxxxxxxx

Thanks in advance....Dan

Tarik Admani · ‎01-03-2013

Dan,

Try to append the LOCAL key word to your authentication-server-group statement in your tunnel group or group policy.

http://www.cisco.com/en/US/docs/security/asa/asa90/command/reference/a3.html#wp1719328

Thanks,

Sent from Cisco Technical Support iPad App

View solution in original post

Tarik Admani · ‎01-03-2013

Dan,

Try to append the LOCAL key word to your authentication-server-group statement in your tunnel group or group policy.

http://www.cisco.com/en/US/docs/security/asa/asa90/command/reference/a3.html#wp1719328

Thanks,

Sent from Cisco Technical Support iPad App

dan hale · ‎01-07-2013

Wow Thanks....that was much easier than I thought. Picked the correct tunnel group and tested...worked!!

Thanks,

Dan

Remote Access to Network when AAA server is down help

Secure Access: Network Tunnel Groupの接続におけるFTDのECMP設定例

Remote VPN access LDAP Server Group DC authentication issues

IOS-XEとAnyconnectでRemote Access FlexVPNを設定

IKEv2 Remote Access VPN Failure to Connect

Secure Access: Network Tunnel Groupの接続におけるCPEルータの機器冗長設定例