Re: Active directory integration using Cisco2911 router
I think, you want that user should be authenticated by active directory database whenever they login to the router using telnet/ssh. Well, if that is the case then you have to integrate router with some external radius server, that could be Microsoft IAS. Now here we need to integrate AD with IAS or we can make our AD (domain controller) as a radius server.
On the router you only need to issue couple of commnads;
aaa authentication login default group radius local
radius-server host key
username privilege 15 password
For IAS side configuration, please check the below listed document;
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
[toc:faq]Introduction:This document describes details on how NAT-T
works.Background:ESP encrypts all critical information, encapsulating
the entire inner TCP/UDP datagram within an ESP header. ESP is an IP
protocol in the same sense that TCP and UDP are I...