I have similar issue. Anyconnect vpn users can't authenticate with radius; it defaults to local. I haven't specified local nor do I want to. This is to two-factor authentication; anyconnect vpn users has certificate installed locally. Certificate installed from AD, pushed down by group policy
I tested aaa radius-server authentication and it was successful.
I have the config posted by Javier
tunnel-group AnyConnect general-attributes
tunnel-group AnyConnect webvpn-attributes
authentication aaa certificate
Any ideas? Am I missing something?
Also what does the certificate-map-group command do
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...