cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
867
Views
0
Helpful
2
Replies

Anyconnect Authentication Requests Not Making it To ISE

NETAD
Level 4
Level 4

Hello, I configured my ASA and ISE to do group based authentication for the anyconnect users but I'm not seeing the requests hit ISE at all. I attached my ASA config and on ISE I created a new policy set that looks for requests coming from device type = firewalls and nas-port-type= virtual, authentication rule that looks in AD and in my authorization rules I'm matching based on external groups pulled from AD, and lastly an authorization profile that has class-25 set to the group-policy configured on my ASA. Can you please look this over for me? 

1 Accepted Solution

Accepted Solutions

I figured out that I shouldn't disable the tunnel-group-list under webvpn for this to work the way I configured it.

View solution in original post

2 Replies 2

NETAD
Level 4
Level 4
Can someone shime in please?

I figured out that I shouldn't disable the tunnel-group-list under webvpn for this to work the way I configured it.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: