Help
FortiNAC
NOTE: FortiNAC is now named FortiNAC-F. For post-9.4 articles, see FortiNAC-F. FortiNAC is a zero-trust network access solution that provides users with enhanced visibility into the Internet of Things (IoT) devices on their enterprise networks.
cmaheu
Staff
Staff

Created on ‎05-20-2021 07:28 AM

Article Id 196733

Technical Note: Redirected to the wrong portal page due to ASA SSH credentials

Description
Client connecting to ASA VPN tunnel is presented with the registration page instead of the VPN page in captive portal.

This occurs when the appliance cannot determine the client is a VPN client.  The appliance must be able to read the ASA's Restricted Object Group.  This group contains the IP addresses to which VPN pages should be served.

The appliance reads the information by connecting via SSH to the ASA.  The appliance login sequence expects the  ">" prompt in order to elevate privileges upon login to the CLI.  If the SSH account used presents the "#" prompt instead, the appliance will be unable to read the information.



Scope
Version: 8.x, 9.x

Solution
The account used for SSH access to the ASA must require username, password and enable password.


For more details see Cisco ASA VPN Integration reference manual in the Document Library.


ID 0720361



Labels:
715
0 Kudos
Submit Article Idea
Contributors
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2024 Fortinet, Inc. All Rights Reserved.