I'm guessing it's using the local accounts as a result of: user-identity default-domain LOCALīut if you can get this working with local users, you can probably work to get auth set up differently if you need.
#Configure cisco anyconnect mac os x password#
The username and password are locally defined in the ASA with lines like: username user password ***** encrypted privilege 15 Then set up your MacOS "Cisco IPSec" client to use the same shared secret as is found in the "ikev1 pre-shared-key" line and the group name is the tunnel-group, in this case "TG_VPN". Replace with the external FQDN and IP address of your ASA. The file disk0:/examplevpn.xml contains: Tunnel-group-map default-group IPSecProfile ! *** Replace with your own shared secret ! *** Replace with your internal DNS zoneĪnyconnect profiles value ExampleVPN type user Split-tunnel-network-list value Split_Tunnel Vpn-tunnel-protocol ikev1 ikev2 l2tp-ipsec ssl-client ssl-clientless ! *** Replace with your internal DNS server ! *** See below for the content of this fileĪnyconnect profiles ExampleVPN disk0:/examplevpn.xml (Look out for ! *** comments.) ! *** This is a pool of IPs that will be allocated to VPN clients I have expurgated it of localized information, so I may have typoed something along the way. I've copied and pasted what I hope is the relevant config out of my ASA (5525) where this is working for both An圜onnect and MacOS-native clients.
0 kommentar(er)
