cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
312
Views
0
Helpful
1
Replies

One Interface Two Authentication Types

Asa Hoaglund
Level 1
Level 1

Hello,

I will preface this by saying that I'm new to the world of ASA's, so I apologize for any lack of knowledge on my part.

We currently have two Cisco ASA 5525-X's, one is used for fail over. We currently use AnyConnect (SSL) for our Employee's and then also use the Cisco VPN Client (IPsec) for vendors that need to connect into the network. We would like to only use AnyConnect and do away with the Cisco VPN Client. With that said, my questions is this...

Can we use AnyConnect on the ASA using multiple Authentication Types? Employee's authenticating using their AD credentials and an installed Certificate and Vendors only using it for AD Authentication, this way we can restrict access via the server for Vendors and not the Firewall ACLs.

Thank you in advance!

1 Accepted Solution

Accepted Solutions

teatrodelsogno
Level 1
Level 1

Hi,

absolutely yes.

You can go through Any Connect Connection profile and create different profile with different type of "authentication method".

You can go through local, adserver and so on.

With "Aliases", users will choice between profiles.

NOTE:

Use the configuration for any connect.

"Old" Ipsec is the one that you wanna remove if I understood good. (vpn client cisco).

Let me know and please rate in case of you felt comfortably answer for you.

regards

View solution in original post

1 Reply 1

teatrodelsogno
Level 1
Level 1

Hi,

absolutely yes.

You can go through Any Connect Connection profile and create different profile with different type of "authentication method".

You can go through local, adserver and so on.

With "Aliases", users will choice between profiles.

NOTE:

Use the configuration for any connect.

"Old" Ipsec is the one that you wanna remove if I understood good. (vpn client cisco).

Let me know and please rate in case of you felt comfortably answer for you.

regards