I have a site to site vpn tunnel route-based ikev2 between 2 asa's and I am trying to obtain aaa ldap for anyconnect.
The topology is like this:
ASA1 <----------IPSEC-vti tunnel (working)--------> ASA2 (anyconnect config remote authentication with AD using ldap)
The main problem is that i can't add at source interface the virtual int "aaa-server LdapServers (Tunnel100???) host x.x.x.x", only the physical interfaces "aaa-server LdapServers (OUTSIDE) host x.x.x.x" . I added the physical interface where the tunnel has it's source, but no good, still error unreachable server. Can you please help?
The configuration is correct, other traffic works, tunnel is up.
IntroductionComponentsISE ConfigurationEnd user perspective and Validation
Cisco Identity Services Engine (ISE) gives you intelligent Integrated protection through intent-based policy and compliance solution. ISE supports external MDM ...
This video provides the steps to configure the Cisco Threat Response (CTR) and ESA Integration.
This is live on the portal:https://video.cisco.com/video/6159336218001
And on YouTube:https://www.youtube.com/watch?v=UCKIdx5rdFg
I need to migrate from C170 to C190 and have already match to the same Firmware Version. I have a question. Is there any method that can export and import the configuration file instead of form cluster ?
This AMA will serve as the Q&A for the Cisco Live Digital breakout DGTL-BRKSEC-1011 - "A Challenger Appears: Defending Mailboxes in the Cloud" which covers a brand new product which will be announced during the event: Cloud Mailbox Defense.