How can I configure VPN client with LDAP?

Answered Question
Jul 12th, 2010

Dear All,



How can I configure VPN client with LDAP on a Cisco router and ASA?

I have a Cisco router 1841 and an ASA 5505.


Best Regards

Rechard_David


Correct Answer
Nagaraja Thanthry Mon, 07/12/2010 - 20:34

Hello,


Here is a sample configuration for the firewall (ASA):


aaa-server TEST protocol nt
aaa-server TEST (inside) host 192.168.254.11
 nt-auth-domain-controller Primary
aaa-server TEST (inside) host
 nt-auth-domain-controller Cisco


tunnel-group VPNGR type ipsec-ra
tunnel-group VPNGR general-attributes
 address-pool VPNPool
 authentication-server-group TEST LOCAL
 default-group-policy VPNGR


Hope this helps.


Regards,


NT
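
An LDAP counterpart to the sample above, added here as an example and not part of the original answer: the posted sample sets "protocol nt" (NT domain authentication), while this variant points the same tunnel group at an LDAP directory over LDAPS and admits only members of one directory group. The server group name LDAP_SRV, the example.com DNs, the bind account, the NOACCESS policy and the choice of Active Directory as the LDAP server are assumptions; VPNGR, VPNPool and 192.168.254.11 come from the thread.

```text
! Map the directory's memberOf attribute to an ASA group policy.
! (Assumption: releases before 8.2 use IETF-Radius-Class in place of Group-Policy.)
ldap attribute-map VPN-GROUP-MAP
 map-name memberOf Group-Policy
 map-value memberOf "CN=VPN-Users,CN=Users,DC=example,DC=com" VPNGR
!
! LDAP server group; the bind DN is a low-privilege, read-only service account.
aaa-server LDAP_SRV protocol ldap
aaa-server LDAP_SRV (inside) host 192.168.254.11
 server-type microsoft
 ldap-base-dn DC=example,DC=com
 ldap-scope subtree
 ldap-naming-attribute sAMAccountName
 ldap-login-dn CN=asa-bind,CN=Users,DC=example,DC=com
 ldap-login-password <bind-password>
 ! Use LDAPS so the bind password and user credentials do not cross the wire in clear text.
 ldap-over-ssl enable
 server-port 636
 ldap-attribute-map VPN-GROUP-MAP
!
! Catch-all policy: users who authenticate but are not in VPN-Users get zero logins.
group-policy NOACCESS internal
group-policy NOACCESS attributes
 vpn-simultaneous-logins 0
!
! The VPNGR group policy named in map-value must already exist on the ASA.
tunnel-group VPNGR type ipsec-ra
tunnel-group VPNGR general-attributes
 address-pool VPNPool
 authentication-server-group LDAP_SRV LOCAL
 default-group-policy NOACCESS
```

After a test login, "show vpn-sessiondb remote" shows which group policy the session received, which confirms whether the memberOf mapping matched.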

rechard_david Tue, 07/13/2010 - 19:25

Dear NT,


Thank you for your assistance!!!


Could you let me know how we can configure VPN with LDAP on a Cisco router? Remote access, not SSL.


Best Regards,

Rechard_david

rechard_david Thu, 07/15/2010 - 03:40

Dear NT,


Thank you for your help!!!


I have rated you already, and about the configuration on the router, I will create a new topic!!!!


Best Regards,

Rechard

argnetworking Wed, 08/18/2010 - 19:17


I don't know if you have solved this. But if you want, I have a Pix ASA working with authentication and dynamic ACL authorization. I have created a group in LDAP where I put my users and the permissions they have (traffic ACL), and I can assign ACLs in a dynamic way (the Pix can add ACLs that it reads from the LDAP).


Regards,

Gonzalo
