Multiple Anyconnect Connection profiles with individual identity certificates
We currently have a number of ASA Anyconnect VPN gateways in our organisation. Users have the ability to select one of the regional client profiles to connect remotely. However we are thinking of deploying load balancing with the Microsoft Azure.
The brief is that on each ASA we should maintain the current connection and client profile and add the connection and client profile for the load balancer. This is with a view to giving the user the ability to select a profile via the anyconnect client.
Authentication - 2 factor - AAA + Cert
Normal Profile - remote.abc.com
Load balance - remote.LB.abc.com
Each profile has an identity cert which is assigned to a trustpoint.
Only one trustpoint can be assigned to the Outside interface of the firewall so only one profile can be operational with the certificate authentication. How do we work around this if we want to have 2 independent connection profiles each with their own identity certs on the ASA? We have already tired using a cert with a Subject Alternate Name (SAN) but I could not import it onto the ASA.
i have an ip that is part of our internal network, i configured route map on the core to redirect the traffic to the firewall for further inspection.i checked the firewall logs i can see the traffic is redirect to the firewall successfully. i could ping o...
Hi, 1)May I know wht it means when context visibility Status showing 'disconnected" and '(blank)'?Difference between 'disconnected" and '(blank)'. Since both devices also not connected.I found tht these devices are no longer connected to the swi...
Hi ,I would like to configure multiple public ip (same subnet) on outside interface of ASA.I want to use static NAT for specific purpose.For example i have 8 public IP and I want to use 1 is internet ,1 for VPN ,1 for DMZ server and all ip want to a...
Hi all, Is it a way to retrieve the IPS policies from our IPS Appliance or censor? I have tried to look for a way but I am not able to do so. May I knwo any way can retrieve the policies from the Appliance either from the Appliance itself o...
Hello,I configured very easy the SSL in RV345 Vpn router, according this doc: https://www.cisco.com/c/en/us/support/docs/smb/routers/cisco-rv-series-small-business-routers/smb5519-configure-secure-sockets-layer-virtual-private-network-ssl-v.htmlI tri...