having an ASA5512x is it possible to have anyconnect-dial-in-PC-users asking for their login credentials AND also an one-time-password
whereas smartphone users only need to provide their login and a password without the need to manually choose the profile?
I set up two tunnel-groups:
1) is asking a LDAP server for authentication
2) is contacting an RADIUS server running One Time Password software.
Is there a way to have the asa assigning smartphone users (based on their OS) to automatically use the first profile (which has limited access to intranet ressouces) and have Anyconnect-PC-users pinned to the second tunnel group? Dynamic Access Policies seem to be able to differenciate only "within" a tunnel-group.
BenefitsDocumentationPrerequisiteImage Download LinksLimitationsSupported PlatformsLicense RequirementsTopologyStep-By-Step ConfigurationConfigure Virtual ServiceActivate the virtual service and configure guest IPsConfiguring UTD (Service Plane)Configurin...
Login to the FXOS chassis manager.
Direct your browser to https://hostname/, and log-in using the user-name and password.
Go to Help > About and check the current version:
Check the current version availa...
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...