Please I would like to know how can VPN3000 and Cisco Secure ACS can authenticate the usernames enter and manage the VPN 3000 without configuring usernames in the VPN3000 concentrator , but only looking for the database directily in the NT domain . The VPN concentrator working with the Cisco ACS , ans the ACS , look fot the admin usernames and databases in the NT domain server. I hope answers .
Hi Nery. If you looking for information on how to enable the 'external authentication server ' option to authenticate groups for IPSec tunneling, you can do that by selecting the option 'external' for the field 'Type' which is located on Monitoring > General > IPSec > Modify (group) > Identity. To specify an external server for user authentication, use the Configuration > System > Servers > Authentication page. The info is available in http://www.cisco.com/warp/public/471/vpn_3000_auth.html#topic2. Please note that either way the group names need to be configured on the concentrator.
I guess it would be a good idea to visit the 3000 support page. I have found it to be pretty useful.
Technical Support > Hardware Support > Security & VPN Devices > VPN 3000 Series Client/Concentrators.
Hi , thank you very much for the help but what I need to know is something a little diferent than waht you teach me I want to know this solution to authenticate in the VPN3000 to get access there like an administrator , such as when troughout a telnet enter the VPN conentrator and there , it ask us a user and a passord that is in a NT domain , after correct user and pass we have telnet access to type commands directy in VPN conventrator . How can I make VPN3000 concentrator search this username and password in Cisco Secure ACS , and ACS search it in NT server . But this user and pass is for administration , like a telnet , and not for the commom users to access network in general for example like you teach me . Did you understand my really doubt ? Could you please help me ? Thank you very much. Best regards.
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...