Lab Minutes Forum
Technical Discussion => Security => Topic started by: amatteo78 on April 19, 2017, 05:31:06 AM
-
Hello,
I have ASA with ISE 2.1 as Radius, they work fine togher to login vpn user.
Now I would try use user certificate already enrolment from BYOD proccess to login vpn user.
I try found some info online but only founded way to enrol/login certificate with ASA, meanwhile I already have user certificate, need only use it for login vpn user.
Thanks
M.
-
You can configure ASA to do certificate authentication, and configure AnyConnect client profile to use the BYOD certificate to authenticate. You can follow the video below.
http://www.labminutes.com/sec0127_ssl_vpn_anyconnect_client_certificate_double_authentication_1
-
Hello,
thanks for reply, only 1 things... If I need have 2 type authentication... 1 with cert I know how I do... 1 with user/pass for other user... how can I do ?
Thanks
M.
-
Hello,
I solve using new "group-url" for tunnel-group that I use for certificate.
Thanks
M.
-
Yep.. You got it. Other methods are 'group-alias' where user need to choose group from drop down, or certificate map.