1) create 2 aaa-server groups, one for each domain; then create 2 tunnel-groups, each one pointing to a different aaa-server group.
This means of course that the users will have to select the correct tunnel-group (either from a drop-down list, or by going to the right group-url). For Anyconnect users, you can optionally deploy a different profile (i.e. with a different group name) to both sets of users.
2) assuming the 2 domains are in the same AD Forest, configure one (or more) DC to be a GCS (Global Catalog Server) for the Forest. Then on the ASA you can use the GCS as LDAP server to do multi-domain lookups.
Downside of this approach is that GCS cannot handle password changes.
the Cisco CPN Client for a long time to connect to a VPN Server. Now I've got a new machine with a Windows 7 64 bit. The Cisco VPN Client isn't avaiable in a 64 bit version. Cisco suggests to use Cisco AnyConnect instead because there'a 64 bit version ava...
May 2016Splunk is a powerful tool for analyzing information in your organization by collecting, storing, alerting, reporting, and analyzing machine data. With Cisco platform Exchange Grid (pxGrid) Splunk is able to proactively act on received network secu...
Happy to announce that we have an updated version of our Enabling AMP on Content Security Products - Best Practices (v3.0). Please feel free to review if you have questions regarding deployment of AMP (File Reputation and File Analysis).
Updated: July 2018
New: Updated format , Netflow configuration examples per platform (End of Table)
Note: Remember the table is scrollable horizontally to view other columns, not only vertically
IOS / IOS XE