Right,
If I clear the profile I point at the controller and login I get the xxx_via_IT profile, I close the client and reconnect I get default when I connect and login to the controller I still get default which has nothing configured.
I have included all the show commands.
(Kings_VPN) #show aaa authentication via auth-profile default
VIA Authentication Profile "default"
------------------------------------
Parameter Value
--------- -----
Default Role default-via-role
Server Group via_server_group
Description Default VIA Authenication Profile
(Kings_VPN) #show aaa server-group via_server_group
Fail Through:No
Auth Servers
------------
Name Server-Type trim-FQDN Match-Type Match-Op Match-Str
---- ----------- --------- ---------- -------- ---------
NDS1 Ldap No
NDS0 Ldap No
Role/VLAN derivation rules
---------------------------
Priority Attribute Operation Operand Type Action Value Validated
-------- --------- --------- ------- ---- ------ ----- ---------
1 groupMembership equals cn=vpn_users,ou=Services,o=xxx String set role xxx-via-role No
2 groupMembership equals cn=it_vpn_users,ou=Services,o=xxx String set role xxx-it-via No
(Kings_VPN) #show aaa authentication via connection-profile
VIA Connection Profile List
---------------------------
Name References Profile Status
---- ---------- --------------
xxx_via 1
xxx_via_IT 1
default 0
user-role xxx-via-role
via "xxx_via"
access-list session allowall
user-role xxx-it-via
via "xxx_via_IT"
access-list session allowall
