ā02-01-2023 10:18 AM
I have a requirment for implmenting SSL VPN for two diffrent profiles using two diffrent outside interfaces on the same ASA.
Example:
Anyconnect Profile 1 = windows
Anyconnect Profile 2 = mac
I have two outside interfaces with internet access
Outside == 1.1.1.1 = attach Profile 1
Outside2 == 2.2.2.2 = attach Profile 2
For Example, when a user initiate a connection to
winvpn.example.com = the user will connect the windows profile, which will be attched to the outside interface
macvpn.example.com = the user will connect the mac profile, which will be attched to the outside2 interface
I know there is an easy way to do this with "A" DNS records, but that option is not avilable with Frontend DNS loadbalcer we are using, which requires cname forwarding.
I will greately appreciate for any insights/inputs.
We are using Azure Traffic Manager
ā02-01-2023 06:16 PM
So, this might work for me, but one issue i noticed is that, on the Anyconnect side, the SAML SSO authentication process is too fast for me to pick the correct group-alias from the pull down list before it automatically authenticate and connect to the first group-alias in the list. It's fast, maybe 3 second or so. Anything i can do about this?
ā02-02-2023 02:21 PM
Any feedback on how to increase the time for the group selection banner, so i have more than 3 seconds to select the apropriate alias. Right now, it automatically selects the first alias in the list and auto connects. No time to select a diffrent alias from the pull down option.
Any hint or suggestion how i can make this work?
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide