
Dynamic Access Options with FTD

klanard
Level 1

Is there any way, or has anyone had any luck coming up with a working solution with the current version of FTD for dynamic access policies on VPN AnyConnect clients using FTD firewalls? Can you use a DACL with ISE or a RADIUS server? Can you use LDAP group membership to determine which ACL will apply to you? FTD is being sold as a drop-in ASA replacement, but as a field engineer who implements these I am not seeing a workable workaround for this that can keep a single URL and determine access list by user name as you could with a DAP. If anyone has a suggestion for a method to work around this using FTD, it would be appreciated. It's a critical function of remote access. Thanks!

1 Reply

Short answer: no. I even opened a TAC ticket for this and got it confirmed.
They said it will be on for the next release of FTD. CoA isn't supported,
which is the main problem for DACL not working.