Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1974
Views
0
Helpful
1
Replies

Dynamic Access Options with FTD

klanard
Level 1
Level 1

‎10-16-2018 03:30 PM - edited ‎02-21-2020 08:21 AM

Is there any way, or has anyone had any luck coming up with a working solution with the current verison of FTD for dynamic access policies on VPN Anyconnect clients using FTD firewalls? Can you use a DACL with ISE or a Radius server? Can you use LDAP group membership to determine which ACL will apply to you? FTD is being sold as a drop in ASA replacement but as a field engineer who implements these I am not seeing a workable workaround for this that can keep a single URL and determine access list by user name as you could with at DAP. If anyone has a suggestion for a method to work around this using FTD it would be appreciated. Its a critical function of remote acess. Thanks!

0 Helpful
1 Reply 1

Mohammed al Baqari
Level 11
Level 11

‎10-16-2018 11:36 PM

Short answer no. I even open a tac ticket for this and got it confirmed.
They said it will be on for the next release of FTD. CoA isn't supported
which is the main problem for DACL not working.
0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card