04-07-2020 02:36 AM
Hi,
I configured RA VPN (AnyConnect) using Firepower 2130 FTD and Active Directory. All users belonging to the right group can connect to the VPN using AnyConnect. They can access our resources (RFC 1918).
When I add Microsoft NPS as RADIUS servers to force multi-factor authentication, no user is able to connect.
What is the best practice to add Microsoft NPS to support MFA on Cisco Firepower 2130 FTD?
All
FTD version: 6.5.0 (last patch)
FMC: 6.5.0 (last patch).
04-07-2020 07:46 AM
Issue solved.
You must configure the "Connection Request Policy" in Microsoft NPS with only and only the IP address of the inside interface of FTD.
In AAA select RADIUS Server Group in Authentication and Authorization only.
All other options remain unchanged.
04-07-2020 10:18 AM
Thanks for sharing your solution with the community.
04-07-2020 10:58 AM
I will share a complete setup in a docx or pdf format with screenshot and more.
11-03-2020 02:37 PM
Hi doukkalli,
Thanks for your post, would you be able to share the complete setup doc because I want to double check my Config as I am just getting login failed messages in the AnyConnect client.
Thanks
Phil
11-11-2021 03:18 AM
Hi Doukkali,
Is it possible to share the configuration document with us?
Thanks & Regards,
Sam
11-14-2022 05:48 AM
Hi Doukkalli, do you have the docx or PDF? Thank you.
06-29-2020 11:03 AM
Can you share the solution document? Trying to set up the same setup and having issues.
Thanks
11-15-2021 10:57 AM
Can you advise how you were able to get this working?