Freeradius + google authenticator + Cisco Anyconnect

Charbel Soueid charbel.soueid at
Tue Aug 28 12:07:44 CEST 2018


I am new to freeradius and recently just deployed a freeradius server on ubuntu to authenticate our Cisco Anyconnect VPN users against using two authentication factor with google authenticator.

My configs are in place and everything is working fine, users are able to connect using the radius password+google pin however I would like to restrict users access to a specific

tunnel-group/split-tunnel on my ASA.

I followed the below link for my config:

I need to understand how to apply the specific attributes in my radius so I can pass them to my ASA

Where and how should I apply the attributes "ASA-Group-Policy" and "ASA-IPsec-Split-Tunnel-List" ?

Any sample config for radius and asa you can share?


More information about the Freeradius-Users mailing list