Have tried to google this but not getting very far - so any help will be gratefully received.
So for purposes of this issue, we have 4 ASAs for user connectivity (call these A, B, C and D), and 2 ASAs for 3rd party authentications (call these 1 and 2); each has 2 VPN tunnel connections to a 3rd party (we'll call these UK and NA).
So a user makes a connection - and the ASA has 4 RADIUS IP addresses configured, one each for the 4 VPN tunnels to the 3rd party.
These are 1UK, 1NA, 2UK, and 2NA. These are also in different orders on the user ASAs so that the 4 VPN tunnels are always in use.
So A is 1UK, 1NA, 2UK and 2NA, whereas D will be 2NA, 2UK, 1NA and 1UK.
The issue we have is if a user connects through 'D' then they will authenticate to 2NA, but when the user then authenticates to 'A' it would be presumed that the user would authenticate to 1UK, but they are still connecting to 2NA.
I think this is to do with the preferences in the AnyConnect client profile, but I can't see anything that stands out to say 'Remember your last connection'?