cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
9293
Views
5
Helpful
8
Replies

How to add MFA using Microsoft NPS and Firepower 2130 with FTD

doukkalli
Level 1
Level 1

Hi,

I configured RA VPN (AnyConnect) using Firepower 2130 FTD and Active Directory. All used belonged to the right group can connect to VPN using AnyConnect. They can access to our ressources (RFC 1918).

When I add Microsoft NPS as Radius servers to force multi-factor authentication no user is able to connect.

 

What is the best practice to add Microsoft NPS to support MFA on Cisco Firepower 2130 FTD.

All

FTD version: 6.5.0 (last patch)

FMC: 6.5.0 (last patch).

2 Accepted Solutions

Accepted Solutions

Thanks for sharing your solution with the community.

View solution in original post

I will share a complete setup in a docx or pdf format with screenshot and more.

View solution in original post

8 Replies 8

doukkalli
Level 1
Level 1

Issue solved.

You must configure the "Connection Request Policy" in Microsoft NPS with only and only the IP address of the inside interface of FTD.

 

In AAA select RADIUS  Server Group in Authentication and Authorization only.

 

All other options remains unchanged.

Thanks for sharing your solution with the community.

I will share a complete setup in a docx or pdf format with screenshot and more.

Hi doukkalli,

 

Thanks for your post, would you be able to share the complete setup doc because I want to double check my Config as I am just getting login failed messages in the AnyConnect client.

 

Thanks

 

Phil

Hi Doukkali,

 

Is it possible to share with us the configuration document with us? 

 

Thanks & Regards,

Sam

Hi Doukkalli , do you have de docx or PDF ?  thank you

Can you share the solution document, trying to setup same setup and having issues.

 

Thanks

 

Michael Proctor
Level 1
Level 1

Can you advise how you were able to get this working?

Review Cisco Networking for a $25 gift card