Configure Remote Access VPN Secondary Authentication
Before you begin
-
Configure two authentication (AAA) servers— the primary and secondary authentication servers, and required identity certificates. The authentication servers can be RADIUS server, and AD or LDAP realms.
-
Ensure that the AAA servers are reachable from the Firepower Threat Defense device for the remote access VPN configuration to work. Configure routing (at Devices > Device Management > Edit Device > Routing) to ensure connectivity to the AAA servers.
Procedure
Step 1 | On your Cisco Defense Orchestrator web interface, choose Devices > VPN > Remote Access. | ||
Step 2 | Select a remote access policy and click Edit; or click Add to create a new remote access VPN policy. | ||
Step 3 | For a new remote access VPN policy, configure the authentication while selecting connection profile settings. For an existing configuration, select the connection profile that includes the client profile, and click Edit. | ||
Step 4 | Click AAA or Client Certificate & AAA. ,
|