You are here
SEC0215 - ISE 2.0 Meraki MDM with AnyConnect VPN (Part 1)
Difficulty Level:
Lab Document:
<Please login to see the content>
Category:
Security
The video shows an integration between Cisco ISE 2.0 and Meraki System Manager to provide client-based certificate authentication and mobile device posture assessment to AnyConnect VPN client. The configuration covers both ASA and ISE. The goal is to demonstrate an ability to provide consistent network access experience over VPN as we saw over wireless in the previous video.
Part 1 of this video covers ASA configuration and basic VPN authentication with certificate
Topic:
- AnyConnect VPN with Client Certificate
- AnyConnect Client Profile
- Certificate Mapping
- MDM Posture Assessment
-
ISE Authorization Profile
- Downloadable ACL (DACL)
- ISE Authorization Policy
About Author
Metha Chiewanichakorn, CCIE#23585 (Ent. Infra, Sec, SP), is a Cisco networking enthusiast with years of experience in the industry. He is currently working as a consulting engineer for a Cisco partner. As a founder of and an instructor at labminutes.com, Metha enjoys learning and challenges himself with new technologies.
2 comments
ASA VPN without cert authentication
Can this method done with authentication without certificate? So the client must put username password for VPN manually.
ASA VPN without cert authentication
VPN authentication method is controlled by the ASA configuration and has nothing to do with MDM integration so you can easily change from cert auth back to user/pass under Tunnel-group config.