We currently have our ASA setup to authenticate VPN connections against our Active Directory. I want to keep this in place, but I also need to setup a non-AD id/password which will work when AD is not available. The scenario is that when we have a power outage and the servers are turned off, we cannot VPN in to our network to remotely turn the servers back on since AD is off. I need a non-AD id to allow a connection. TIA!
Tek-Tips is the largest IT community on the Internet today!
Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!
-
Congratulations Chris Miller on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!
ASA5505 VPN without Active Directory Available
- Thread starter stillmc
- Start date
Supergrrover
IS-IT--Management
Add the LOCAL keyword to the your tunnel group config AAA command
authentication-server-group AAASERVER LOCAL
If the group servers are unreachable it will fallback to local.
Brent
Systems Engineer / Consultant
CCNP, CCSP
authentication-server-group AAASERVER LOCAL
If the group servers are unreachable it will fallback to local.
Brent
Systems Engineer / Consultant
CCNP, CCSP
- Status
Similar threads
- Locked
- Question
- Locked
- Question