ASA -->ldap --> AAA-Server, through VPN tunnel - not working

Unanswered Question
Apr 15th, 2009

Hi everybody -

We are implementing AAA authentication via LDAP directly between the ASA and our Microsoft DCs - works wonderfully.

What I don't seem to get to work is the LDAP communication if I try to reach the AAA server through a Site-2-Site VPN tunnel.

What interface do I choose? Is this at all possible? Anybody done this? I don't see anything in the log when I try the "Test" button to try the authentication ...



srue Wed, 04/15/2009 - 06:21

Make sure the interface that the VPN terminates on is included in the crypto ACL along with the aaa-server.
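
An illustration of the suggestion in the reply above, added here and not part of the original thread: an ASA configuration fragment in which the crypto ACL covers traffic from the ASA's own tunnel-terminating interface address to the LDAP server. All names and addresses (VPN-TO-HQ, OUTSIDE-MAP, LDAP-DC, 198.51.100.10, 10.20.0.5) are constructed placeholders, and the interface is assumed to be named outside.

```cisco
! Constructed values (assumptions, not from the thread):
!   198.51.100.10 = this ASA's outside interface, where the Site-2-Site tunnel terminates
!   10.20.0.5     = LDAP / domain controller behind the remote peer

! Crypto ACL: traffic sourced from the ASA's own outside address to the
! LDAP server must match, otherwise it leaves the interface unencrypted
access-list VPN-TO-HQ extended permit ip host 198.51.100.10 host 10.20.0.5
crypto map OUTSIDE-MAP 10 match address VPN-TO-HQ

! AAA server group reached through the interface the tunnel terminates on
aaa-server LDAP-DC protocol ldap
aaa-server LDAP-DC (outside) host 10.20.0.5
```

The remote peer needs the mirrored entry (host 10.20.0.5 to host 198.51.100.10) in its own crypto ACL for the return traffic to enter the tunnel.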

robertblasey Thu, 04/16/2009 - 06:00

I don't get "..interface [...] included in the crypto acl" - let's say the public IP of my outside interface where my Site-2-Site tunnel terminates should be included in the crypto ACL????


