03-14-2019 04:58 AM
Hi Experts,
I need help in configuring an ikev2 profile for VRF to restrict other VRF users.
AnyConnect Client 4.5 is using FlexVPN using AnyConnect-EAP authentication with an IKE ID for matching remote key identity.
Also, we are using a local AAA database.( No Radius/TACACS).
In case I got the IKE ID of any other tenant and using that in my AnyConnect profile I can connect to another tenant network.
I hope this can be restricted using name-mangler option in aaa authorization group/user in ikev2 profile but found limited examples for implementing it with local-AAA.
Please find the configuration snapshot.
Solved! Go to Solution.
03-19-2019 04:55 AM
03-19-2019 07:43 AM
03-19-2019 07:57 AM
03-19-2019 08:10 AM
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide