ASA AnyConnect SSL-VPN

This blog post will document how to configure an AnyConnect SSL-VPN on a Cisco ASA firewall using Cisco ISE (2.1 patch 5) as a RADIUS server for authentication.

ISE Configuration

It is assumed that ISE is installed and configured with the basics (IP addresses and integrated into AD).

Define the ASA as a Network Device

  • Navigate to Administration > Network Resources > Network Devices
  • Create new by clicking Add and define the ASA
  • Specify the INSIDE interface IP address of the ASA
  • Tick the RADIUS Authentication Settings box
  • Specify a shared secret, this will need to match on the ASA configuration
  • Click Save
Continue reading “ASA AnyConnect SSL-VPN”

Configuring CheckPoint Mobile Access Blade

The CheckPoint Mobile Access software blade is an SSL-VPN which allows a user’s PC, Smartphone or tablet connectivity to the corporate network. Most new CheckPoint appliances (2200, 4000 series etc) are licensed with the Mobile Access blade as standard. This post provides information on getting started and configuring the basics.

Configuring Mobile Access

Open SmartDashboard and create a new firewall rule permitting inbound HTTPS to the firewall. NOTE – This rules needs to be above the Stealth rule, otherwise the traffic will be dropped

Modify the properties of the firewall object and select “Mobile Access”

The “Mobile Access Configuration” wizard should automatically appear

Continue reading “Configuring CheckPoint Mobile Access Blade”