03-05-2025 02:47 AM
Hi all,
I want to setup a new connection profile for certificate based authentication only.
I want laptop users to power on their devices and login, the AnyConnect application will start up and login - it will the use machine based auth to a radius server which has specific attributes set for some users such as static IP's.
How do I configure this within ASDM?
03-05-2025 03:02 AM - edited 03-05-2025 03:09 AM
@NetworkMonkey101 Certificate authentication is between the client and the headend (ASA), not to the RADIUS server. You could use RADIUS for authorisation, which then dynamically assigns the IP address.
there aren't many offical Cisco guides using ASDM, here is an unoffical guide for setting up the VPN using certificate - https://networkwizkid.com/cisco-asa-certificate-based-remote-access-vpn-authentication/
03-05-2025 05:33 AM
Why only certificate? Why not Certificate + SAML or Certificate + AAA?
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide