Possible to create user account for SSL VPN on ASA?

Benny Chong
Level 1

Hi Security gurus,

 

I know on the ASA we can activate the SSL VPN license and let users remote in using the Cisco AnyConnect VPN client. The way I would do it is to link the ASA to the current AD server that we have for authentication. If the AD server recognizes the account, then the user will be successfully connected to the VPN from home. Now this is what a normal organization would do in any place.

Now here is my question. I am trying to set up a new DMZ zone with an ASA to allow outside users to use their SSL VPN client to log into this DMZ zone. The thing is I do not have the privilege to get an AD server. Since this DMZ zone is for only like 10 or fewer users to log in from outside, they are asking me if I can create specific accounts on the ASA to let specific users log into the DMZ zone from outside without an AD server. Is this possible? Can I just use an ASA and then create accounts on it directly?

Any feedback would be great. Thanks

 

Cheers,

Ben

 

2 Replies

johnd2310
Level 8

Hi,

Yes, you can create local accounts on the ASA and configure VPN profiles to use local authentication.

 

Thanks

John

**Please rate posts you find helpful**

Adeolu Owokade
Level 1

Hi Ben,

Like John already said, yes you can. Here is a sample config (only of the relevant part):

```
username sslvpnuser password sslvpnpasswd

tunnel-group SSLVPN type remote-access
tunnel-group SSLVPN general-attributes
 authentication-server-group LOCAL
```
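
A fuller version of the local-authentication setup from the replies above, as an added example that is not part of either poster's reply: it keeps each local account VPN-only and confines VPN sessions to the DMZ. The policy, ACL and pool names, the addresses and the password placeholder are assumptions; the syntax assumes ASA 8.4 or later, and the webvpn/AnyConnect enablement is left out, as it is in the sample above.

```cisco
! Constructed addressing (assumption): VPN clients receive 192.0.2.10-30,
! the DMZ servers live in 198.51.100.0/24.
ip local pool DMZ-VPN-POOL 192.0.2.10-192.0.2.30 mask 255.255.255.0

! vpn-filter ACL: source = client pool, destination = DMZ only.
! Anything else a VPN client tries to reach is dropped by the implicit deny.
access-list DMZ-ONLY extended permit ip 192.0.2.0 255.255.255.0 198.51.100.0 255.255.255.0

! Group policy applied to every local VPN user.
group-policy DMZ-VPN-POLICY internal
group-policy DMZ-VPN-POLICY attributes
 vpn-tunnel-protocol ssl-client
 vpn-filter value DMZ-ONLY
 vpn-simultaneous-logins 1
 vpn-idle-timeout 30

! Local password rules and lockout, since no AD policy stands behind these accounts.
password-policy minimum-length 12
aaa local authentication attempts max-fail 5

! One account per person (repeat this stanza for each of the ~10 users).
! privilege 0 plus service-type remote-access keeps the account from being
! used for ASA management (SSH/ASDM); group-lock pins it to this tunnel group.
username sslvpnuser password REPLACE-WITH-STRONG-PASSWORD privilege 0
username sslvpnuser attributes
 service-type remote-access
 vpn-group-policy DMZ-VPN-POLICY
 group-lock value SSLVPN

! Tunnel group from the reply above, extended with the policy and pool.
tunnel-group SSLVPN type remote-access
tunnel-group SSLVPN general-attributes
 authentication-server-group LOCAL
 default-group-policy DMZ-VPN-POLICY
 address-pool DMZ-VPN-POOL
```

`show running-config username` lists the local accounts with their attributes, and `show vpn-sessiondb anyconnect` shows which group policy and filter a connected session actually received.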