08-13-2015 08:00 AM - edited 03-11-2019 11:25 PM
Hello,
I've completed user identity setup with Cisco ASA, CDA and MS ldap auth. It works, ..ASA vpn user database is correctly redistributed from CDA to all the other ASAs. However I had to shutdown CDA and I noticed that I still have active users on ASAs user database. Is it a by design behaviour ? I was expected if CDA is down ASAs should have lost mapping information and set eventually all user as inactive. Of course since CDA is down new user vpn logon are not redistributed to all the other ASAs but old one are still active.
Thank you
Solved! Go to Solution.
08-14-2015 06:29 AM
The ASA will store the user database locally and update it as needed (from CDA). The ASA does not query CDA each time a connection is established. It's working as designed.
Hope it helps.
08-14-2015 06:29 AM
The ASA will store the user database locally and update it as needed (from CDA). The ASA does not query CDA each time a connection is established. It's working as designed.
Hope it helps.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide