11-21-2016 08:26 AM
Hello,
I will preface this by saying that I'm new to the world of ASA's, so I apologize for any lack of knowledge on my part.
We currently have two Cisco ASA 5525-X's, one is used for fail over. We currently use AnyConnect (SSL) for our Employee's and then also use the Cisco VPN Client (IPsec) for vendors that need to connect into the network. We would like to only use AnyConnect and do away with the Cisco VPN Client. With that said, my questions is this...
Can we use AnyConnect on the ASA using multiple Authentication Types? Employee's authenticating using their AD credentials and an installed Certificate and Vendors only using it for AD Authentication, this way we can restrict access via the server for Vendors and not the Firewall ACLs.
Thank you in advance!
Solved! Go to Solution.
11-21-2016 08:47 AM
Hi,
absolutely yes.
You can go through Any Connect Connection profile and create different profile with different type of "authentication method".
You can go through local, adserver and so on.
With "Aliases", users will choice between profiles.
NOTE:
Use the configuration for any connect.
"Old" Ipsec is the one that you wanna remove if I understood good. (vpn client cisco).
Let me know and please rate in case of you felt comfortably answer for you.
regards
11-21-2016 08:47 AM
Hi,
absolutely yes.
You can go through Any Connect Connection profile and create different profile with different type of "authentication method".
You can go through local, adserver and so on.
With "Aliases", users will choice between profiles.
NOTE:
Use the configuration for any connect.
"Old" Ipsec is the one that you wanna remove if I understood good. (vpn client cisco).
Let me know and please rate in case of you felt comfortably answer for you.
regards
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide