I am planning on deploying an ASA firewall to serve as a SSL-VPN gateway.
The ASA firewall will need to communicate with two different Active Directory servers/Domains to authenticate remote users.
So the question is is this possibe?
We can define a single 'authentication' server for the 'tunnel-group' but is there a work around to get the ASA to authenticate users to multiple 'aaa-servers'.
Even if I did add multiple aaa-servers to the 'aaa-server group' then the firewall only checks the second aaa server only if the first aaa server is down?
Any input on this greatly appreciated.