cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1477
Views
10
Helpful
4
Replies

setting up cisco duo for vpn with asa quick setup?

baselzind
Level 6
Level 6

im setting up cisco duo for the first time on asa 5525-x 9.14 . We are currently using anyconnect remote vpn with a tunnel connection profile and a group profile. Can i create a new tunnel connection profile and copy the existing one just change the authentication option? and use the same group profile as well? The goal is to test Cisco duo two factor authentication.

1 Accepted Solution

Accepted Solutions

@baselzind 

Yes, thats a good way to test. That allows the users to continue to work on the old connection profile/tunnel-group whilst you test the duo authentication on a separate tunnel-group.

 

Yes, you can use the same group-policy.

View solution in original post

4 Replies 4

@baselzind 

Yes, thats a good way to test. That allows the users to continue to work on the old connection profile/tunnel-group whilst you test the duo authentication on a separate tunnel-group.

 

Yes, you can use the same group-policy.

thanks . But im worried about the ip pool configured as both tunnel profiles use the same ip pool. Would duplicate ip assignment happen accross the tunnel profile? or the asa is aware of what ip are assigned and what are not?

@baselzind as its the same ASA, it will know about the IP addreses allocated, so should not clash.

Sorry to bring back a dead thread but, I have this same setup and my Duo Group is not showing up when I attempt to connect through the VPN on a Microsoft Surface with the Cisco Secure Client 5.0.00907.

Review Cisco Networking for a $25 gift card