Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
414
Views
0
Helpful
1
Replies

Multiple Context in SSL VPN in Cisco 2811 IOS without AAA server

RUSTOM BILLIMORIA
Level 1
Level 1

‎11-30-2014 02:53 AM

Hi All, 

 

I was configuring an SSL VPN on Cisco 2811 with multiple contexts. I wanted specific users to be authenticated on specific contexts but I see that it is not possible to do so without an AAA server. I wanted to create local username and passwords and have them bound to specific contexts. Is it possible to do so? If yes then how. This is a lab scenario so am not looking for best practices.

 

Thanks

Labels:
0 Helpful
1 Reply 1

Karsten Iwen
VIP
VIP

‎11-30-2014 04:17 AM

Here is an example how to configure two contexts. Both use a policy-group ADMIN, but both with different settings:

webvpn context SPLIT16
 !
  policy group ADMIN
    svc split include 10.255.0.0 255.255.0.0
  virtual-template 2
  default-group-policy ADMIN
  aaa authentication list VPN
  gateway VPN domain split16
  inservice
!
webvpn context SPLIT24
  !
  policy group ADMIN
    svc split include 10.255.255.0 255.255.255.0
  virtual-template 2
  default-group-policy ADMIN
  aaa authentication list VPN
  gateway VPN domain split24

 

In AnyConnect you need to use the fqdn "vpn.example.net/split16" or "vpn.example.com/split24" to select the different contexts (these are the commands "gateway VPN domain NAME").

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents