08-09-2015 12:42 PM - edited 02-21-2020 08:23 PM
I am trying to look for configuration for ASA Anyconnect VPN. I will be using a VPN server certificate and also configuring AD authentication.
What I mostly see is Certificate authentication is used as part of dual authentication. Can anyone point me to the correct guide/configuration?
08-09-2015 01:33 PM
The ASA is always authenticated with the server-certificate of the ASA.
Do I understand you right that you want to authenticate the user just by username/password against the AD?
Then in the connection-profile (tunnel-group in CLI) you only have to choose "AAA" and point to an aaa-server-group that uses the AD. For that you have the choice to use RADIUS against the Windows NPS or to use LDAP. RADIUS with NPS will give you some more flexibility.
08-09-2015 01:56 PM
Yes, I only need AD authentication to be performed. I am looking for step-by-step config guide.
08-09-2015 02:21 PM
Perhaps this document can help you:
https://supportforums.cisco.com/document/57886/asavpnwithnpsdocx
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide