collapse

Search


User Info

 
 
Welcome, Guest. Please login or register.
Did you miss your activation email?

Author Topic: ISA + ISE 2.1 vpn login with certificate  (Read 12358 times)

Offline amatteo78

  • Cisco Newbie
  • *
  • Posts: 3
  • Reputation: 0
  • Certification: N/A
ISA + ISE 2.1 vpn login with certificate
« on: April 19, 2017, 05:31:06 AM »
Hello,

I have ASA with ISE 2.1 as Radius, they work fine togher to login vpn user.
Now I would try use user certificate already enrolment from BYOD proccess to login vpn user.
I try found some info online but only founded way to enrol/login certificate with ASA, meanwhile I already have user certificate, need only use it for login vpn user.
Thanks

M.

Offline MC

  • Global Moderator
  • Cisco Guru
  • *****
  • Posts: 400
  • Reputation: 606
  • CCIE x3 (RS,Sec,SP)
  • Certification: CCIE
Re: ISA + ISE 2.1 vpn login with certificate
« Reply #1 on: April 20, 2017, 08:43:27 PM »
You can configure ASA to do certificate authentication, and configure AnyConnect client profile to use the BYOD certificate to authenticate. You can follow the video below.

You are not allowed to view links. Register or Login

Offline amatteo78

  • Cisco Newbie
  • *
  • Posts: 3
  • Reputation: 0
  • Certification: N/A
Re: ISA + ISE 2.1 vpn login with certificate
« Reply #2 on: April 21, 2017, 07:49:56 AM »
Hello,

thanks for reply, only 1 things... If I need have 2 type authentication... 1 with cert I know how I do... 1 with user/pass for other user... how can I do ?
Thanks

M.

Offline amatteo78

  • Cisco Newbie
  • *
  • Posts: 3
  • Reputation: 0
  • Certification: N/A
Re: ISA + ISE 2.1 vpn login with certificate
« Reply #3 on: April 22, 2017, 11:19:26 AM »
Hello,

I solve using new "group-url" for tunnel-group that I use for certificate.
Thanks

M.

Offline MC

  • Global Moderator
  • Cisco Guru
  • *****
  • Posts: 400
  • Reputation: 606
  • CCIE x3 (RS,Sec,SP)
  • Certification: CCIE
Re: ISA + ISE 2.1 vpn login with certificate
« Reply #4 on: April 24, 2017, 09:34:50 PM »
Yep.. You got it. Other methods are 'group-alias' where user need to choose group from drop down, or  certificate map.

 

Related Topics

  Subject / Started by Replies Last post
8 Replies
43043 Views
Last post March 13, 2022, 10:25:14 PM
by MC
1 Replies
16005 Views
Last post January 24, 2016, 05:58:49 AM
by MC
5 Replies
14006 Views
Last post July 17, 2016, 10:19:31 PM
by MC
3 Replies
46118 Views
Last post January 23, 2024, 10:45:24 PM
by MC
1 Replies
82853 Views
Last post March 18, 2024, 07:49:26 PM
by MC

SimplePortal 2.3.7 © 2008-2024, SimplePortal