cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1871
Views
0
Helpful
4
Replies

How Anyconnect VPN users will connect with cisco ASA which is using Radius server ( Domain Controller ) for for authentication

nagaprasad123
Level 1
Level 1

Hi Team 

 

Hope you are doing good.!!!!!!

 

currently am doing a project which involves CISCO ASA-5545-X, RADIUS Server ( Domain Controller) for Authentication. Here i need to configure Anyconnect VPN and host checker in cisco asa.

 

1.users will connect : User points browser at SSL VPN POP. Enters user ID and Passcode.

2. ( Cisco ASA ) Authentication: VPN Sends Credentials to RADIUS Server.

3.Radius Server: Authentication: acknowledgement and group to SSL VPN ( ASA).

4. Connectivity Created: If Employee: PC checked for compliance If NAW, no PC check Assign user to proper role and give IP.

 

this is my requirement, if any one  please guide me how to configure step by step.

1. how to configure Radius Server  ?

2.how to configure CISCO ASA ?

 

Thanks in advance.

 

2 Accepted Solutions

Accepted Solutions

nkarthikeyan
Level 7
Level 7

Hi Naga,

Please refer the following page to setup Radius server as well as ASA. Frankly on the ASA end there is nothing much difference in doing that.

 

http://www.4salesbyself.com/1configuring-radius-authentication-for-webvpn.aspx

 

Hope this helps

Karthik

View solution in original post

Hi Naga,

Below mentioned document link would help your requirement.

http://www.cisco.com/c/en/us/td/docs/security/vpn_client/anyconnect/anyconnect30/administration/guide/anyconnectadmin30/ac05hostscanposture.html#pgfId-1036861

http://www.cisco.com/c/en/us/td/docs/security/asa/asa84/configuration/guide/asa_84_cli_config/vpn_hostscan.pdf

 

Regards

Karthik

View solution in original post

4 Replies 4

nkarthikeyan
Level 7
Level 7

Hi Naga,

Please refer the following page to setup Radius server as well as ASA. Frankly on the ASA end there is nothing much difference in doing that.

 

http://www.4salesbyself.com/1configuring-radius-authentication-for-webvpn.aspx

 

Hope this helps

Karthik

Hi Karthik

Thanks for your response.

Can you please elaborate the configuration levels.

1.How to configure Hostchecker Policies in cisco ASA. 

 - Employee with an Cisco asset and has passed the Cisco managed firewall and anti-virus check.

 -Employee Role with NetworkConnect but has failed the anti-virus, firewall, and asset checks - Personal PC

 -Role for Employees with Cisco asset not meeting Cisco AV and CF policy.

  Here "Cisco" = domain name 

 

Thanks in advance.

 

NagaPrasad

 

Hi team 

 

here the document please go through that 

 

http://www.cisco.com/c/en/us/td/docs/security/csd/csd36/configuration/guide/CSD36cfg.html

Hi Naga,

Below mentioned document link would help your requirement.

http://www.cisco.com/c/en/us/td/docs/security/vpn_client/anyconnect/anyconnect30/administration/guide/anyconnectadmin30/ac05hostscanposture.html#pgfId-1036861

http://www.cisco.com/c/en/us/td/docs/security/asa/asa84/configuration/guide/asa_84_cli_config/vpn_hostscan.pdf

 

Regards

Karthik

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: