Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2192
Views
0
Helpful
3
Replies

FTD 6.2.2.3 Flexconfig for ldap attribute mapping

mcoupe
Level 1
Level 1

‎02-08-2019 10:18 AM - edited ‎02-21-2020 08:47 AM

I'm working from this document: https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvd64585/?reffering_site=dumpcr but the content is lacking a bit of polish and wondering if anyone has been able to get this working.

 

Right now, my flexconfig is puking when trying to add the "aaa-serve microsoft host <myserver.mydomain>" line.

 

Any additional insight would be helpful.  I've got three RA vpn profiles which I'm trying to secure with three different M$ security groups via M$ NPS.

 

Thanks.

2 people had this problem
0 Helpful
3 Replies 3

jmiller21
Level 1
Level 1

‎01-28-2020 05:41 PM

Almost a year and we just purchased this device, without FMC, and even our professional services partner is unable to accomplish this. Any update on your end?.... If you can remember
0 Helpful

mcoupe
Level 1
Level 1
In response to jmiller21

‎01-31-2020 07:10 AM

In the end no ldap attribute mapping was needed.  I've got it built with a single vpn, three vpn profiles and three group policies tied to radius profiles.  Depending to which radius group the individual belongs they get the attributes of the associated group policy.

 

Hope that helps.  If not, I can go through the config and pull out more specifics for you.

0 Helpful

mcoupe
Level 1
Level 1
In response to mcoupe

‎01-31-2020 07:11 AM

Oh...and this is actually a big part of it...I needed to upgrade to 6.2.3 first.
0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card