Hi, I have simple network config
AnyconnectClient(with certificate)------>ASA(with SSL VPN enabled)---------->ACSserver
Client authentificates on ASA via certificate, and after successful authentification I want to Authorize my clients on ACS with DACL association per client. ASA get username from CN-field in certificate, and sends to ACS, ACS respond to ASA authentification fail, password incorrect, and no DACL assign happends. How can I define in ACS that it should be only authorization process without any password, just username from certificate?