Hi Aref,

thanks for your reply!

Here comes the requested output (with deleted public IP address and deleted URL-alias):

firewall-01# show run tunnel-group
tunnel-group DefaultWEBVPNGroup general-attributes
 address-pool pool-anyconnect-user
 authentication-server-group DUO
 default-group-policy gp-ac-user
tunnel-group <public_IP-addr> type ipsec-l2l
tunnel-group <public_IP-addr> general-attributes
 default-group-policy .DefaultS2SGroupPolicy
tunnel-group <public_IP-addr> ipsec-attributes
 ikev1 pre-shared-key *****
tunnel-group duo type remote-access
tunnel-group duo general-attributes
 address-pool pool-anyconnect-user
 authentication-server-group DUO
 default-group-policy gp-ac-user
tunnel-group duo webvpn-attributes
 group-url https://<alias_name>/duo enable
tunnel-group AnyConnectAzureSAML type remote-access
tunnel-group AnyConnectAzureSAML general-attributes
 address-pool pool-anyconnect-user
 authentication-server-group Knowis-AD
 default-group-policy gp-ac-user

Hope this will enlight the situation.

Thanks a lot!


Bye
R.