I came across a very odd situation where I was asked to configure double factor authentication for anyconnect using certificates and ldap authentication. During my implementation I was asked to configure both, windows certificate services with NDES and the ASA Anyconnect and I found it very troublesome because the windows instalation had to be made on a distributed environment where the main CA was a windows 2k8 and the NDES certificate service was installed on a 2K12 machine. During my experience I could not find any document teaching exactly how to configure both, windows and ASA so this document is intended to share my experience with you guys so anyone can be able to configure it very easily.
First let`s take a look at our topology:
Explaining what was shown:
1 - ASA 5525-X with failover
1 - Windows server 2008 with DNS, Active directory and Certificate Services
1 - Windows 2012 with NDES (Network Device Enrollment Serices)
Is there a best practice around handling Cisco FlexConnect APs and their switchport configuration when doing profiling? Flex APs require commands relating to trunking and native VLAN etc. - which is different to the usual port template ...
Hello, Is there any keepalive mechanism between the switch and ISE. I need to know if there is a way which can enable the switch to know if ISE server is online and available at any particular time.The idea is that lets suppose we try to authenticate...
Hello Experts, I want to utilize existing hardware for Stealthwatch Enterprise deployment. We have UCS 5108 with B200 M5 Servers. I am following below link for the Virtual Server sizing: https://www.cisco.com/c/dam/en/us/td/docs/security/stealth...
i have been asked to list a switch under radius control , some switches are already added under it but im supposed to add any switches that arent , can i simply add the same command to other switches? also the key is made of numbers do i just paste the ke...