cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements
399
Views
0
Helpful
1
Replies
dotwell11
Beginner

Add local account to SSL (WebVPN) access

Hi,

We have been having persistent problems with our ACS, which WebVPN uses for RADIUS authentication (via LDAP). It's been so bad, that we have had to resort to restarting the services every 15 minutes just to allow people to get in. I would open a case with TAC, but we will need to renew our support agreement first.

Anyhow, as a temporary measure, I would like to configure a local account that has access through WebVPN. I thought it was as simple as adding the account to the ASA and adding the WebVPN group policy attribute. Unfortunately, this did not work, and I'm not sure why. How do I add a local account to access WebVPN that is already configured to use ACS? I don't want to shut off ACS, I just want to have a "back door" into our network in case ACS fails. Any help would be appreciated.

Oh, and if you could explain the steps in detail, I'd appreciate that too (I'm a Cisco newbie)

Thanks!

1 REPLY 1
Jennifer Halim
Cisco Employee

You would need to choose whether to use ACS or local account for the group policy.

If you don't want to shut off the ACS authentication for everybody, I guess i would suggest you to configure a new temporary group for yourself if you want to access the WebVPN using local account.

That way, other users will still be able to use ACS for authentication, and if it's down, you can use it using local account temporarily until the ACS is fixed.

Content for Community-Ad