Issues with AnyConnect and LDAP

Hey guys,

I'm having an issue with configuring AnyConnect. I am currently trying to give permissions to AnyConnect using security groups in AD. The issue is that any user with an AD account can currently log in to AnyConnect.

I have created an LDAP attribute map looking at memberOf and assigning a group policy within the ASA. When I check the VPN connection in ASDM it shows that everything has been assigned correctly but it's obviously not working. I'm at a loss on where I should start looking. Any thoughts?

Thank you in advance.

1 Reply

Hi,

Can you provide a sanitised copy of your configuration for review?

Here are some AnyConnect/LDAP configuration examples which might provide some help.

http://www.labminutes.com/sec0126_ssl_vpn_anyconnect_client_ldap_attribute_mapping

https://www.cisco.com/c/en/us/support/docs/security/asa-5500-x-series-next-generation-firewalls/91831-mappingsvctovpn.html