07-12-2010 12:45 AM - edited 03-04-2019 09:01 AM
Dear All,
How can I configure a VPN client with LDAP on a Cisco router and ASA?
I have a Cisco router 1841 and an ASA 5505.
Best Regards
Rechard_David
07-12-2010 08:05 PM
Dear all,
Anybody, do you have any advice?
Best Regards,
Rechard
07-12-2010 08:34 PM
Hello,
Here is a sample configuration for the firewall (ASA):
aaa-server TEST protocol nt
aaa-server TEST (inside) host 192.168.254.11
 nt-auth-domain-controller Primary
aaa-server TEST (inside) host
 nt-auth-domain-controller Cisco
tunnel-group VPNGR type ipsec-ra
tunnel-group VPNGR general-attributes
 address-pool VPNPool
 authentication-server-group TEST LOCAL
 default-group-policy VPNGR
Hope this helps.
Regards,
NT
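An added example, not part of any reply in this thread and not Cisco's own configuration: the sample above uses `protocol nt` (NT domain authentication), so this shows the equivalent ASA server group using LDAP over TLS, with directory group membership mapped to a group policy. The names LDAP_SRV, VPN_GROUP_MAP and VPN_ADMINS, all DNs, and the `<bind-password>` placeholder are assumptions; the host address, tunnel group, pool and LOCAL fallback are taken from the sample.

```cisco
! Added example. Constructed values: LDAP_SRV, VPN_GROUP_MAP, VPN_ADMINS,
! every DN below, and the <bind-password> placeholder.
!
! Map directory group membership (memberOf) to an ASA group policy.
ldap attribute-map VPN_GROUP_MAP
 map-name memberOf IETF-Radius-Class
 map-value memberOf "CN=VPN-Admins,OU=Groups,DC=example,DC=com" VPN_ADMINS
!
! LDAP server group. ldap-over-ssl with port 636 keeps the bind password and
! user credentials off the wire in clear text. The login DN is a service
! account that only needs read access to search the directory.
aaa-server LDAP_SRV protocol ldap
aaa-server LDAP_SRV (inside) host 192.168.254.11
 server-type microsoft
 ldap-over-ssl enable
 server-port 636
 ldap-base-dn DC=example,DC=com
 ldap-scope subtree
 ldap-naming-attribute sAMAccountName
 ldap-login-dn CN=asa-bind,OU=Service,DC=example,DC=com
 ldap-login-password <bind-password>
 ldap-attribute-map VPN_GROUP_MAP
!
! Group policy that members of the mapped directory group receive.
group-policy VPN_ADMINS internal
!
! Same tunnel group as the sample, pointed at the LDAP group with LOCAL fallback.
tunnel-group VPNGR general-attributes
 address-pool VPNPool
 authentication-server-group LDAP_SRV LOCAL
 default-group-policy VPNGR
```

The binding can be checked from the ASA with `test aaa-server authentication LDAP_SRV host 192.168.254.11` before any VPN client is pointed at it.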
07-13-2010 07:25 PM
Dear NT,
Thank you for your assistance!!!
Could you let me know how we can configure VPN with LDAP on a Cisco router? Remote access, not SSL.
Best Regards,
Rechard_david
07-13-2010 08:13 PM
Hello,
I am not an expert in VPN configurations with routers. But you can use this document to configure the LDAP on the routers:
http://www.cisco.com/en/US/docs/ios/sec_user_services/configuration/guide/sec_cfg_ldap.html
You can use the AAA group in the VPN configuration for authentication.
Hope this helps.
Regards,
NT
07-15-2010 03:40 AM
Dear NT,
Thank you for your help!!!
I have rated your post already, and for the configuration on the router I will create a new topic!!!!
Best Regards,
Rechard
08-18-2010 07:17 PM
I don't know if you have solved this. But if you want, I have a PIX ASA working with authentication and dynamic ACL authorization. I have created a group in LDAP where I put my users and the permissions they have (traffic ACL), and I can assign ACLs in a dynamic way (the PIX can add ACLs that it reads from the LDAP).
Regards,
Gonzalo