Use Azure MFA With Microsoft NPS (RADIUS) Server
Jul20

Use Azure MFA With Microsoft NPS (RADIUS) Server

Posted By on Jul 20, 2021

  KB ID 0001759 Problem I was in a forum last week and someone asked, “Can I enable Azure MFA, on my RADIUS server, to secure access to my switches and routers etc”. It turns out if you want to enable Azure MFA with Microsoft NPS it’s actually quite  simple. So, I’m using RADIUS auth (above) on my NPS server, and it’s simply checking the authenticating user is a member of a domain security group....

Read More
AnyConnect: ‘Quick and Dirty’ Duo 2FA
Sep01

AnyConnect: ‘Quick and Dirty’ Duo 2FA

Posted By on Sep 1, 2020

KB ID 0001701 Problem Normally if I were deploying Duo 2FA with AnyConnect I’d deploy a Cisco RADIUS VPN on my LAN, (usually on my Duo Authentication Proxy). See the following article; AnyConnect: Enable Duo 2Factor Authentication However, last time I set this up, a colleague said ‘Oh by the way, you don’t need to do that, you can just point the firewall directly at Duo’. I was initially skeptical but I tried...

Read More
AnyConnect: Enable Duo 2Factor Authentication
Feb04

AnyConnect: Enable Duo 2Factor Authentication

Posted By on Feb 4, 2020

KB ID 0001650 Problem I was asked if I’d ever set this up the other week. Surprisingly I had not, I’d deployed Duo for other things, but not for Cisco AnyConnect. As I had some other ‘Duo’ related tasks coming up, I was deploying it on the test bench, then adding in my Cisco ASA and AnyConnect wasn’t much more work! Here’s my topology; My ASA is running version 9.1 My Duo Authentication Proxy is...

Read More
Cisco ASA AnyConnect VPN ‘Using ASDM’
Jan17

Cisco ASA AnyConnect VPN ‘Using ASDM’

Posted By on Jan 17, 2020

KB ID 0000069 Problem Note: This is for Cisco ASA 5500, 5500-x, and Cisco Firepower devices running ASA Code. Below is a walk through for setting up a client to gateway VPN Tunnel using a Cisco Firepower ASA appliance. This was done via the ASDM console. The video was shot with ASA version 9.13(1) and ASDM 7.13(1). Suggestion: If you are setting this up for the first time, I would suggest setting it up to use the ASA’s LOCAL...

Read More
Cisco AnyConnect With Server 2016 NPAS (RADIUS) Different Groups
Oct11

Cisco AnyConnect With Server 2016 NPAS (RADIUS) Different Groups

Posted By on Oct 11, 2018

KB ID 0001474 Problem A few years ago I replaced a firewall that was setup like this, and while it took me a while to work out what was going on, I remember thinking it was an elegant solution. Fast forward to today, and I’m now working with the guy who set it up! (Kudos to Paul White). So when I had a client with a similar requirement, I sat down fired up the lab, and documented it. What was used; Windows 10 Remote Client...

Read More