Hi there! I am wondering how you managed the pre-filled username withing the anyconnect browser. I tried with builtin anyconnect browser and external browser package but no pre-fill of the current signed in user (microsoft). Is this an extra setting?
hello is it possible to use the outside interface to terminate the VPN on a ASAv on Azure ? I am thinking of using as traditional interface facing the internet
Thank you for your comment! For a thorough response, please ask questions and learn more at our NetSec Community Site: community.cisco.com/t5/network-security/bd-p/discussions-network-security Best, NetSec Team
Thank you for your comment! For a thorough response, please ask questions and learn more at our NetSec Community Site: community.cisco.com/t5/network-security/bd-p/discussions-network-security
Thank you for your comment! For a thorough response, please ask questions and learn more at our NetSec Community Site: community.cisco.com/t5/network-security/bd-p/discussions-network-security Best, NetSec Team
really very informative and working fine for me but I need few clarifications , we are using more than 1 VPN Profiles for users , now when we click on connect AnyConnect Client, then automatically default POP up for Azure AZ Profile , is it possible to select Profile instead of automatic ? 2nd if we want to use an other AnyConnect Profile on the same ASA with azure AD authentication then we have to add another application on azure or we can use the same ? waiting for your Quick response or any informative guideline, thanks
Thank you for your comment! For a thorough response, please ask questions and learn more at our NetSec Community Site: community.cisco.com/t5/network-security/bd-p/discussions-network-security Best, NetSec Team
Thank you for your comment! For a thorough response, please ask questions and learn more at our NetSec Community Site: community.cisco.com/t5/network-security/bd-p/discussions-network-security Best, NetSec Team
Hi Veronika On the video you are using a single connection profile A (Tunnel group A). If we have for example 2 connection profiles (2 Tunnel groups) 2 Azure AD groups (for example Sales and Finance), then do we need to add the Identifier twice? URL1 for Profile A (tunnel group A - Sales), and URL2 for Profile B (Tunnel group B - Finance)? If we want to control what resources are reachable per tunnel group/Azure AD group/Connection profile, then is it that we only need to add the "vpn-filter" on the group-policy for tunnel-group A (Sales), and a different "vpn-filter" on the group policy for tunnel-group B (Finance)? For this kind of authorization/access control per group, we dont need any type of Radius or ISE integration. Is this correct? Thanks!
Thank you for your comment! For a thorough response, please ask questions and learn more at our NetSec Community Site: community.cisco.com/t5/network-security/bd-p/discussions-network-security
To say this video was a life saver is an understatement. Thank you very much for the informative video that is well detailed.
Glad it was helpful!
Thank you! very helpful and detailed.
You're very welcome!
Thank you Veronika, very informative :)
You are very welcome!
Thanks alot Veronika. Very useful session
Glad it was helpful! More to come! We have added three new playlists to the channel : th-cam.com/users/CiscoNetSecplaylists
can we have more than one profile as we have one for splittunnel and one is full tunnel?
Exactly what I needed. Thank you!!
You are so welcome!
Very informative!!
Glad you think so!
Excelente conteúdo.. muito bom! Parabéns!
Hi there! I am wondering how you managed the pre-filled username withing the anyconnect browser.
I tried with builtin anyconnect browser and external browser package but no pre-fill of the current signed in user (microsoft).
Is this an extra setting?
Is it possible to use AZURE IDP with SCIM(provisioning) but for IPSec tunnel an not dor AnyConnect? or IPsec tunnel just Surrogate Ip?
hello is it possible to use the outside interface to terminate the VPN on a ASAv on Azure ? I am thinking of using as traditional interface facing the internet
How do I get MS Authenticator on screen ?
Do you know how to apply the cisco dynamic access policy to control the access users have when they connect with azure SSO?
Thank you for your comment! For a thorough response, please ask questions and learn more at our NetSec Community Site: community.cisco.com/t5/network-security/bd-p/discussions-network-security
Best,
NetSec Team
very good, question, how to connect to VPN on windows before login ? using Cisco Anyconnect SBL ? Thank you in advance.
Thank you for your comment! For a thorough response, please ask questions and learn more at our NetSec Community Site: community.cisco.com/t5/network-security/bd-p/discussions-network-security
Thanks so much.
You're welcome!
There is some documentation about Cisco Firepower FMC ?
Thank you for your comment! For a thorough response, please ask questions and learn more at our NetSec Community Site: community.cisco.com/t5/network-security/bd-p/discussions-network-security
Best,
NetSec Team
really very informative and working fine for me but I need few clarifications , we are using more than 1 VPN Profiles for users ,
now when we click on connect AnyConnect Client, then automatically default POP up for Azure AZ Profile , is it possible to select Profile instead of automatic ?
2nd if we want to use an other AnyConnect Profile on the same ASA with azure AD authentication then we have to add another application on azure or we can use the same ?
waiting for your Quick response or any informative guideline, thanks
Thank you for your comment! For a thorough response, please ask questions and learn more at our NetSec Community Site: community.cisco.com/t5/network-security/bd-p/discussions-network-security
Best,
NetSec Team
Thanks Veronika. I have a question...
Can I apply this configuration on Ikev2 VPN ? or only in SSL ?
Thank you for your comment! For a thorough response, please ask questions and learn more at our NetSec Community Site: community.cisco.com/t5/network-security/bd-p/discussions-network-security
Best,
NetSec Team
Hi Veronika On the video you are using a single connection profile A (Tunnel group A). If we have for example 2 connection profiles (2 Tunnel groups) 2 Azure AD groups (for example Sales and Finance), then do we need to add the Identifier twice? URL1 for Profile A (tunnel group A - Sales), and URL2 for Profile B (Tunnel group B - Finance)?
If we want to control what resources are reachable per tunnel group/Azure AD group/Connection profile, then is it that we only need to add the "vpn-filter" on the group-policy for tunnel-group A (Sales), and a different "vpn-filter" on the group policy for tunnel-group B (Finance)? For this kind of authorization/access control per group, we dont need any type of Radius or ISE integration. Is this correct?
Thanks!
Thank you for your comment! For a thorough response, please ask questions and learn more at our NetSec Community Site: community.cisco.com/t5/network-security/bd-p/discussions-network-security