Buy or Renew
Buy or Renew
NOTICE: You can now engage in the community. Learn about the great new Cisco Umbrella content.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
441
Views
0
Helpful
1
Replies

VPN Authentication options

ethutchinson
Level 1
Level 1

‎08-11-2021 02:25 PM

We are currently using Cisco Anyconnect clients (ver 4.7) to authenticate to our ASA 5515xs in a Active\Standby failover pair. We have purchased two Firepower 1140 FTDs to replace them in the near future. We are right now authenticating to the local database on the ASAs. From what I have found out this will not be possible with the FTDs. Is this true? We really want to keep authenticating for remote access to a separate source from our normal network authentication. From what I have learned I will have to setup a RADIUS server to accomplish this. On this server's Local SAM database will be the usernames and passwords. Has anyone done this with the NPS role built into MS server 2016. Can anyone comment or help with this type of remote authentication.

 

Thanks

Labels:
0 Helpful
1 Reply 1

balaji.bandi
Hall of Fame
Hall of Fame

‎08-11-2021 04:19 PM - edited ‎08-11-2021 04:23 PM

I would advise rather a Local authentication - an external source is the best option.

 

here are the steps: FTD remote access integrate with MS NPS

 

https://www.itornageek.com/2020/05/17/how-to-configure-remote-access-vpn-on-cisco-ftd/

 

SAM you can refer MS document :

 

https://docs.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2008-r2-and-2008/ee406119(v=ws.10)

 

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

0 Helpful
Customers Also Viewed These Support Documents