AnsweredAssumed Answered

Pushing RADIUS Profiles to ASA Anyconnect Connection Profile

Question asked by Eris Bleta on Jan 8, 2019
Latest reply on Jan 8, 2019 by Eris Bleta

What I have:

On ASA I have an Anyconnect Connect Profile, in this profile, I have a default Policy (the system is forcing me to add one policy, I have a URL https://url1/radius and the AAA is Radius.

On RSA (RADIUS Server) I have the agent that communicates with the ASA (is working ok) I am able to authenticate all the users from MY RSA Server to VPN.

I have two profile Profile1 Return List Attributes: Cisco-AVPAIR[M][O] ou=POLICY1

                            Profile2 Return List Attributes: Cisco-AVPAIR[M][O] ou=POLICY2

I have assigned the Profile1 to user 1 and Profile2 to user2

and I have checked the options  Sent user's RADIUS Profile when both user and agent have profiles assigned to them

 

 But still, both user1 and user2 when are using https://url1/radius they have the default policy for authorization, not the POLICY1 or POLICY2

 

What I am doing wrong?

Outcomes