
Anyconnect Remote User VPN

keithcclark71
Level 3

I have 4 sites that I need remote user AnyConnect VPN configured within Firepower Management Center 6.6.5. Only one of these sites is Domain configured. I can set up AnyConnect to use the RADIUS configured Network Policy Server, however with the other 3 sites it is all workgroup based systems. Is there any way I can create VPN users for these remote tail site users to authenticate VPN at their own tail site firewall but use the RADIUS authentication at the main domain configured site, or do I have to do something different, as my understanding is remote user VPN in FMC does not support local AAA users so I need domain authentication?

2 Replies

@keithcclark71 yes, you could configure the FTDs to use the RADIUS server at the main site; traffic would have to be routed over the VPN.

 

From FMC version 7.0, this supports local user authentication.

https://www.cisco.com/c/en/us/td/docs/security/firepower/70/relnotes/firepower-release-notes-700/features.html

 

I'll have to try to do that then, as I can't move to version 7, although I wish I could. I chose to put 6.6.5 in place because it still supports the user agent, and if I were to go to FMC 7 I lose that as it supports ISE PIC. I can probably revisit ISE PIC with customer in future, but we never considered in initial quote and I can't go back to them for additional.
