How to do this

Mar 2nd, 2007

I want VPN users to authenticate against my Microsoft Active Directory LDAP server.

It's not working when I try testing the authentication under ASDM.

I want to allow only people in a specific group or OU access to VPN.

Can someone walk me through the proper configuration?

Domain is xxx.local

OU=Security Groups (under domain)

Group under this OU is ITVPN

Users are in this group

Base DN: ou=Security Groups,dc=xxx,dc=local

Scope= All levels beneath the Base DN

Naming Attribute: uid

Login DN: cn=Administrator,cn=Users,dc=xxx,dc=local

Login Password: xxxxxx

LDAP Attribute Map: ITVPN_GROUP

ITVPN_GROUP is Customer name: ITVPN and Attribute map Name: cVPN3000-IETF-Radius-Class

Gives me an error that attribute not found.

tim.weid Fri, 03/02/2007 - 15:21

What type of VPN?

Is this going to a concentrator, ASA, is it IPSEC VPN Client or SSL?

zaballa805 Mon, 03/12/2007 - 07:24

I was configuring this same scenario and got the same message: "Attribute not found".

Check your AD attribute and see if you are using the correct attribute value.

What we did was to check on the AD with an LDAP browser. Our naming attribute is cn. We found out that the cn= but when we are connecting via IPSec VPN client, we were using just the first name as our user id.

Hope this helps.
