
ASA: Fallback to LOCAL AAA database if LDAP server fails

DRowswell
Level 1

I have configured my ASA with a Dynamic Access Policy, so that Remote Access VPN users are allowed into the network (a single LAN) if they are members of the Active Directory user group VPNUsers.  This works fine. 

If I switch off the LDAP server I want the LOCAL database to be used to authenticate users just in case - and this does not appear to be working at the moment.

I have set up the AAA server group with a fallback to LOCAL and changed the Default Access Policy to Terminate. Should I simply change the Default Access Policy back from "terminate" to "continue" to allow the LOCAL database to be interrogated, or will this also let in people who aren't members of the Active Directory group as well? This is a live box, so experimentation is rather awkward!

Thanks!
