07-12-2024 07:31 AM
Hi all,
We've been using Duo Firepower SSO with our ASA/FTD to protect our AnyConnect/Secure Client users and it's been working well.
However, we have a need to give VPN access to a couple of vendors, and we traditionally create custom VPN profiles for them to use, in order to restrict network access. Would we be able to create multiple protected applications in Duo for Firepower SSO, with each setup to protect different connection profiles?
Thanks
07-16-2024 10:09 PM
Please take a look at this as this was done with ASA, but i think something similar should work on FTD:
Also you can make it work without multiple connection profiles either by using authorization of the same user via local ldap or radius server that can push down a group policy that is different based on the AD group.
https://www.wiresandwi.fi/blog/asa-vpn-saml-authentication-some-tips-and-tricks
07-21-2024 05:53 AM
Are this issue solved ?
MHM
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide