LDAP Cisco ASA Remote Access VPN

L1MI
Level 1

Hello! I have a problem with setting up a Cisco ASA.

Cisco Adaptive Security Appliance Software Version 9.16(2)13
SSP Operating System Version 2.10(1.180)
Device Manager Version 7.16(1)

I am setting up a VPN server for users, with AAA against an LDAP (FreeIPA) server, and I want to use dynamic access policies to automatically set users' ACLs and other settings.
But I have a problem with the LDAP attribute map memberOf.

I've been trying to fix this for hours now. I've read a lot of articles, but I can't get it to work. I ask for your help.

 

Accepted Solutions

balaji.bandi
Hall of Fame

Do you have that group, and does the ASA have enough access to reach that group? What logs do you see on the LDAP side?

Not an expert on the LDAP you are using, but with MS AD you have a service account which gives that access.

Check the good documents below:

https://www.petenetlive.com/KB/Article/0001152

https://www.cisco.com/c/en/us/support/docs/security/asa-5500-x-series-next-generation-firewalls/91831-mappingsvctovpn.html

Post show run to understand the issue.

 

BB
