Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
540
Views
0
Helpful
3
Replies

How to do this

cisconoobie
Level 2
Level 2

‎03-02-2007 02:49 PM - edited ‎03-10-2019 03:01 PM

I want VPn Users to autheticate vs my Microsoft Active Directory LDAP Server.

its not working when I try testing the authentication under ASDM.

I want to allow only people in a specific group or OU access to VPN.

Can someone walk me through the proper configuration?

Domain is xxx.local

OU=Security Groups (under domain)

Group under this OU is ITVPN

Users are in this group

Base DN: ou=Security Groups,dc=xxx,dc=local

Scope= All levels beneath the Base DN

nameing Attribute: uid

Login DN: cn=Administrator,cn=Users,dc=xxx,dc=local

Login Password: xxxxxx

LDAP Attribute Map: ITVPN_GROUP

ITVPN_GROUP is Customer name: ITVPN and Attribute map Name: cVPN3000-IETF-Radius-Class

Gives me an erro that attribute not found.

Labels:
0 Helpful
3 Replies 3

tim.weid
Level 1
Level 1

‎03-02-2007 03:21 PM

What type of VPN?

Is this going to a concentrator, ASA, is it IPSEC VPN Client or SSL?

0 Helpful

cisconoobie
Level 2
Level 2
In response to tim.weid

‎03-02-2007 05:19 PM

ASA5520 IPSec VPN CLient

0 Helpful

zaballa805
Level 1
Level 1

‎03-12-2007 07:24 AM

i was configuring this same scenario and got the same message. - "Attribute not found"

check your AD attribute and see if you are using the correct attribute value.

What we did was to check on the AD with a LDAP browser.Our naming attribute is cn. we found out that the cn= but when we are connecting via IPSec VPN client, we were just using just the first name as our user id.

hope this helps.

0 Helpful
Customers Also Viewed These Support Documents