Configure optional settings

Cisco ASA VPN supports two optional settings:

Configure Client IP reporting

To configure Okta to be able to parse, report on, and eventually enforce policy based on the source client IP address, do the following:

  1. In the Admin Console, go to ApplicationsApplications.

  2. In the applications list, click RADIUS Application.

  3. Click the Sign On tab.

  4. Under Advanced RADIUS Settings, select Report client IP.

  5. For RADIUS End User IP Attributes, enter: 31 Calling-Station-Id.

Configure Groups Response

This app can receive and parse standard Attribute Value Pairs (AVP) of 11 (Filter-Id) and 25 (Class).

  1. In the Admin Console, go to ApplicationsApplications.

  2. In the applications list, click RADIUS Application.

  3. Click the Sign On tab.

  4. Under Group Response, select Include groups in RADIUS response.

  5. Enter or select as shown in the following image:

Assigning a group response to a known Okta group.