Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1287
Views
0
Helpful
1
Replies

Secured Internal Network (ASA 5510)

psifur123
Level 1
Level 1

‎06-19-2009 11:40 AM - edited ‎03-10-2019 04:33 PM

We have an internal subnet (Secured Server LAN) that requires network authorization. This subnet contains a separate AD forest with the servers as members of the domain. The Windows XP clients that access these resources are also members of the secure AD forest but are connected to the corporate LAN. We would want to configure RSA SecureID to provide two-factor authentication for the users. Can the ASA 5510 provide network authorization prior to attempting to login to Active Directory without configuring SSL VPN? Please see attachment...

Labels:
Preview file
30 KB
0 Helpful
1 Reply 1

wdrootz
Level 4
Level 4

‎06-25-2009 05:21 AM

You can able to configure authorization in your ASA device before accessing AD. The below URL presents example procedures for configuring authentication and authorization on the security appliance using the Microsoft Active Directory server. It includes the following use cases:

•User-Based Attributes Policy Enforcement

•Placing LDAP users in a specific Group-Policy

•Enforcing Static IP Address Assignment for AnyConnect Tunnels

•Enforcing Dial-in Allow or Deny Access

•Enforcing Logon Hours and Time-of-Day Rules

http://www.cisco.com/en/US/docs/security/asa/asa81/config/guide/extsvr.html#wp1572118

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents