Problem with using LDAP to authenticate SSL client vpn
I met a problem with the SSL client VPN. When I use Local as the authentication server, I can access the url://mycompanyweb.com/vpn and download "anyconnect vpn client" software. But once I changed to use LDAP to be the authentication server, I can only access portal which the same url,
here's the configuration of SSL VPN, could someone help? Thank you very much!
: ASA Version 8.2(3) ! hostname testfw01 domain-name cisco.com names dns-guard ! interface Ethernet0/0 description WAN nameif outside security-level 0 ip address x.x.x.x x.x.x.x
interface Ethernet0/1 description LAN nameif inside security-level 100 ip address 10.10.0.254 255.255.0.0 ! boot system disk0:/asa823-k8.bin ftp mode passive clock timezone CST 8 dns domain-lookup outside dns domain-lookup inside dns domain-lookup Production dns domain-lookup management dns server-group DefaultDNS domain-name cisco.com access-list inside_access_in extended permit ip any any access-list outside_access_in extended permit ip any any ip local pool VPN_pool 10.10.20.1-10.10.20.2 mask 255.255.255.0 icmp unreachable rate-limit 1 burst-size 1 asdm image disk0:/asdm-634.bin no asdm history enable arp timeout 14400 global (outside) 1 interface nat (inside) 0 access-list inside_nat0_outbound nat (inside) 1 0.0.0.0 0.0.0.0 nat (Production) 0 access-list Production_nat0_outbound nat (Production) 1 0.0.0.0 0.0.0.0 access-group outside_access_in in interface outside access-group inside_access_in in interface inside access-group Production_access_in in interface Production route outside 0.0.0.0 0.0.0.0 x.x.x.x 1
Hi everyone, I would like to thank you in advance for any help you can provide a newcomer like myself!
Im studying the 100-105 book by Odom and am currently on the topic of Port security. I purchased a used 2960 and I'm trying to follow a...
While deploying a number of 18xx/2802/3802 model access points (APs), which run AP-COS as their operating platform. It can be observed on some occasions that while many of their access points were able to join the fabric WLC withou...
I am going to design and build an LAN network under a tunnel underground with long distance between the switches.
I will have 2 Catalyst switches and 8 Industrial IE3000, and they will be connected with fiber.
For now I am planning on use Layer-2 s...