
Multiple VPNs

gcook0001
Level 1

I am trying to configure two separate RAVPNs. Currently we have two sites connected via an eVPLS. I have a RAVPN set up for the one site which is our data center. It works fine. The setup uses AzureAD with MFA for authentication. We recently added another firewall to our office space so we now have two internet connections. I would like to add a second RAVPN connection to the office firewall now also using AzureAD.

We have FMCv managing the firewalls. In the data center we have two FTD1140s set up in an HA pair, and in the office we have a single FTD1120, all running 7.6.

I have tried a number of different setups trying to get this to work without success. Has anyone set up something like this that can point to documentation on it?

 

Thanks

 

2 Replies

Sheraz.Salim
VIP Alumni

Here, this is how I shall deal with it. Configuring multiple Remote Access VPNs (RAVPNs) with Azure Active Directory (Azure AD) and Multi-Factor Authentication (MFA) across different sites is possible (can enhance security and flexibility for your organization). For your setup with two sites connected via eVPLS, FTD1140s in an HA pair at the data center, and a single FTD1120 at the office, all running version 7.6, you can implement separate RAVPN connections for each site using Azure AD for authentication. This configuration allows for centralized management of user access and consistent security policies across multiple locations. To achieve this, you will need to create distinct RAVPN connection profiles for each site, configure Azure AD integration for both, and ensure proper routing and firewall rules are in place. Cisco's documentation on configuring RA VPN connection profiles and Microsoft's guides on integrating Azure AD MFA with VPN solutions can provide detailed steps for implementation: Here, Here and Here.

Please do not forget to rate.

I followed those directions before posting here. I can't get it to work. I get the same result with both AnyConnect and the browser.

I connect and it asks me for my credentials. I enter them and then, when prompted, satisfy the MFA. It then tries to connect but I get a message that it can't find the page. With my browser I go to https://xxx.com. Then the browser URL I get back is https://xxx.com/+CSCOE+/saml/sp/ac?tgname=OFFICE-MFA - office-mfa is the group policy. The webpage displays "No webpage found for this address."