03-08-2011 03:45 AM
Folks,
We have a requirement here
Integration of openldap with Cisco ASA for SSL VPN users, with openldap acting as primary authentication and the firewall local database as secondary (if openldap fails).
We have the below configuration:
aaa-server ldap1 protocol ldap
aaa-server ldap1 (AB) host AUTH-SERVER1
 ldap-base-dn dc=testgroup,dc=com
 ldap-scope subtree
 ldap-naming-attribute cn
 ldap-login-password *
 ldap-login-dn cn=Manager,dc=testgroup,dc=com
 ldap-over-ssl enable
 server-type openldap
authentication-server-group ldap1 LOCAL
authentication-server-group (AB) ldap1 LOCAL
In openldap, we have seven different groups created.
Similarly, in the firewall seven groups are created for SSL VPN access and users are bound with
Here is the problem description
1. Users are able to authen
03-08-2011 03:47 AM
As the device has several SSL VPN groups configured, the integration should work only from the respective groups.
But the problem here is that a user is able to authenticate in other groups as well.
Please help.
03-09-2011 03:45 AM
Folks,
PLS HELP here