Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
Hello Everyone,
I am doing new solution with ASA-SSL VPN login Authentication by ISE(external identify source is WIN2008 R2 AD)
The topology is that please see the topology map, it is a sample.
Device IP info:
ASA inside IP 10.254.254.1
outside I...
Problem soloved
the problem is:
I created so many line of PolicySet(each one is with a Authorization policy just for one AD group), but every User login only goto top first PolicySet. for example, fisrt policy set is PolicySetGroupA, then UserA can ...
just setup a WindowsServer2012 R2 (Microsoft Windows 6.3.9600])which installed all newest Security Patches,user the AD user to Login vpn, then ISE(Cisco Identity Services Engine Version : 1.4.0.253) still tell me:
Cisco Identity Services Engine
...
After I did some test, I find that the problem is belong to AD user group , Global security Group.
the User A with Group A, it is working and vpn can log on. and User b and Group b is not working.
but if I move User b TO group A, then User b can log...
Thank You Sir
after I disabled two options:
1 Suppress Anomalous Client
2 Suppress Repeated Successful Authentications
it is still not working now.
So please guide me more. Thanks
