im setting up cisco duo for the first time on asa 5525-x 9.14 . We are currently using anyconnect remote vpn with a tunnel connection profile and a group profile. Can i create a new tunnel connection profile and copy the existing one just change the authentication option? and use the same group profile as well? The goal is to test Cisco duo two factor authentication.
Yes, thats a good way to test. That allows the users to continue to work on the old connection profile/tunnel-group whilst you test the duo authentication on a separate tunnel-group.
Yes, thats a good way to test. That allows the users to continue to work on the old connection profile/tunnel-group whilst you test the duo authentication on a separate tunnel-group.
thanks . But im worried about the ip pool configured as both tunnel profiles use the same ip pool. Would duplicate ip assignment happen accross the tunnel profile? or the asa is aware of what ip are assigned and what are not?
Sorry to bring back a dead thread but, I have this same setup and my Duo Group is not showing up when I attempt to connect through the VPN on a Microsoft Surface with the Cisco Secure Client 5.0.00907.
Learn, share, save
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
