This blog post will document how to configure an AnyConnect SSL-VPN on a Cisco ASA firewall using Cisco ISE (2.1 patch 5) as a AAA server for authentication.
It is assumed that ISE is installed and configured with the basics (IP addresses and integrated into AD).
Define the ASA as a Network Device
- Navigate to Administration > Network Resources > Network Devices
- Create new by clicking Add and define the ASA
- Specify the INSIDE interface IP address of the ASA
- Tick the RADIUS Authentication Settings box
- Specify a shared secret, this will need to match on the ASA configuration
- Click Save
Continue reading “CCNP SIMOS: ASA AnyConnect SSL-VPN”
The CheckPoint Mobile Access software blade is an SSL-VPN which allows a user’s PC, Smartphone or tablet connectivity to the corporate network. Most new CheckPoint appliances (2200, 4000 series etc) are licensed with the Mobile Access blade as standard. This post provides information on getting started and configuring the basics.
Configuring Mobile Access
Open SmartDashboard and create a new firewall rule permitting inbound HTTPS to the firewall. NOTE – This rules needs to be above the Stealth rule, otherwise the traffic will be dropped
Modify the properties of the firewall object and select “Mobile Access”
The “Mobile Access Configuration” wizard should automatically appear
Continue reading “Configuring CheckPoint Mobile Access Blade”