I came across a very odd situation where I was asked to configure double factor authentication for AnyConnect using certificates and LDAP authentication. During my implementation I was asked to configure both Windows Certificate Services with NDES and the ASA AnyConnect, and I found it very troublesome because the Windows installation had to be made in a distributed environment where the main CA was a Windows 2K8 and the NDES certificate service was installed on a 2K12 machine. During my experience I could not find any document teaching exactly how to configure both Windows and ASA, so this document is intended to share my experience with you guys so anyone can configure it very easily.
First let's take a look at our topology:
Explaining what was shown:
1 - ASA 5525-X with failover
1 - Windows Server 2008 with DNS, Active Directory and Certificate Services
1 - Windows 2012 with NDES (Network Device Enrollment Services)