Authenticate VPN clients against AD

Unanswered Question
Mar 3rd, 2009

Hi All,

I have done in the past a configuration where the VPN clients get authenticated against a RADIUS server and uses the credentials from Active Directory.

Now, I need to configure the ASA to authenticate the VPN clients against AD directly. (There's no RADIUS server). Can I do that?

In other words, can I tell the ASA to talk directly to the AD and authenticate the VPN clients without any RADIUS or other server?

If so, is there's a link or configuration example?

Thank you!

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Ivan Martinon Tue, 03/03/2009 - 10:15

Hey, ASA can do this by using either LDAP protocol or authenticate them, Kerberos or NT Domain protocols (the use of either one of these depends on your Windows AD version)

For instance for later Win platforms like 2000 and 2003 LDAP or Kerberos should work, for Old NT environments you can use NT Domain:


This Discussion