
Firepower SSO for multiple connection profiles

MauryJ
Level 1

Hi all,

We've been using Duo Firepower SSO with our ASA/FTD to protect our AnyConnect/Secure Client users and it's been working well.

However, we have a need to give VPN access to a couple of vendors, and we traditionally create custom VPN profiles for them to use, in order to restrict network access. Would we be able to create multiple protected applications in Duo for Firepower SSO, with each set up to protect different connection profiles?

Thanks

2 Replies

ccieexpert
Spotlight

Please take a look at this; it was done with ASA, but I think something similar should work on FTD:

https://community.cisco.com/t5/security-knowledge-base/anyconnect-vpn-saml-sso-with-azure-idp-multi-tunnel-groups/ta-p/4563095

Also, you can make it work without multiple connection profiles, by using authorization of the same user via a local LDAP or RADIUS server that can push down a group policy that is different based on the AD group.

https://www.wiresandwi.fi/blog/asa-vpn-saml-authentication-some-tips-and-tricks

Is this issue solved?

MHM
