Hi everyone,
We are currently working on enabling on MFA for Anyconnect. We just got everyone in our company setup with MFA and we are working on deploying that into our VPN. I have been following a cisco white pages and a YouTube video from cisco and they both seem really straight forward.
However, I would like to turn this on for a few employees to test it out before enabling it for the whole company. Currently everyone VPN's into our main office using a vpn tunnel called vpn_fiber. The authentication method is ldap and it's using a aaa-server-group called LDAP_GROUP. The LDAP_GROUP has two hosts to authenticate with both are internal servers running AD as we are a hybrid environment.
My question is this: When I configure Cisco Anyconnect to use SAML Authentication, and apply SAML authentication to our Tunnel Group, will my other Authentication method be replaced? It seems on the Microsoft side I can specify what users I let use MFA for the VPN, but I am not sure if the other authentication will stay in place as well.
Any insight on this would be much appreciated.
No comments:
Post a Comment