Cisco Support Community

New Member

How to do this

I want VPN users to authenticate vs my Microsoft Active Directory LDAP server.

It's not working when I try testing the authentication under ASDM.

I want to allow only people in a specific group or OU access to VPN.

Can someone walk me through the proper configuration?

Domain is xxx.local

OU=Security Groups (under domain)

Group under this OU is ITVPN

Users are in this group

Base DN: ou=Security Groups,dc=xxx,dc=local

Scope= All levels beneath the Base DN

Naming Attribute: uid

Login DN: cn=Administrator,cn=Users,dc=xxx,dc=local

Login Password: xxxxxx

LDAP Attribute Map: ITVPN_GROUP

ITVPN_GROUP is Customer name: ITVPN and Attribute map Name: cVPN3000-IETF-Radius-Class

Gives me an error that attribute not found.

3 REPLIES
New Member

Re: How to do this

What type of VPN?

Is this going to a concentrator, ASA, is it IPSEC VPN Client or SSL?

New Member

Re: How to do this

ASA5520 IPSec VPN Client

New Member

Re: How to do this

I was configuring this same scenario and got the same message: "Attribute not found".

Check your AD attribute and see if you are using the correct attribute value.

What we did was to check on the AD with an LDAP browser. Our naming attribute is cn. We found out that the cn= but when we are connecting via IPSec VPN client, we were using just the first name as our user id.

Hope this helps.
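
The check suggested in the last reply, as an added example that is not part of the original thread: it emulates a subtree search for (naming attribute = typed user ID) under a Base DN, run against a small constructed directory, and reports whether the attribute exists in scope and whether its value matches what the user types. The sample entries (Jane Doe, jdoe) and the function names are assumptions made for illustration.

```python
# Constructed sample directory modelled on the xxx.local layout in the thread.
# No real directory is queried; the user entry and its values are made up.
DIRECTORY = {
    "cn=ITVPN,ou=Security Groups,dc=xxx,dc=local": {
        "objectClass": ["group"],
        "cn": ["ITVPN"],
        "member": ["cn=Jane Doe,cn=Users,dc=xxx,dc=local"],
    },
    "cn=Jane Doe,cn=Users,dc=xxx,dc=local": {
        "objectClass": ["user"],
        "cn": ["Jane Doe"],
        "sAMAccountName": ["jdoe"],
        "memberOf": ["cn=ITVPN,ou=Security Groups,dc=xxx,dc=local"],
    },
}


def in_subtree(dn, base_dn):
    """True when dn is base_dn itself or sits anywhere beneath it."""
    dn = dn.lower().replace(", ", ",")
    base = base_dn.lower().replace(", ", ",")
    return dn == base or dn.endswith("," + base)


def attr_values(attrs, name):
    """Values of an attribute, matched case-insensitively as LDAP does."""
    return [v.lower() for k, vals in attrs.items()
            if k.lower() == name.lower() for v in vals]


def find_user(directory, base_dn, naming_attr, login):
    """Emulate a subtree search for (naming_attr=login) under base_dn."""
    return [dn for dn, attrs in directory.items()
            if in_subtree(dn, base_dn)
            and login.lower() in attr_values(attrs, naming_attr)]


def diagnose(directory, base_dn, naming_attr, login):
    """Say why a lookup fails: attribute missing in scope, or value mismatch."""
    if find_user(directory, base_dn, naming_attr, login):
        return "match"
    scoped = [a for dn, a in directory.items() if in_subtree(dn, base_dn)]
    if not any(attr_values(a, naming_attr) for a in scoped):
        return "attribute absent under base DN"
    return "attribute present, value differs from typed user ID"


if __name__ == "__main__":
    print(diagnose(DIRECTORY, "ou=Security Groups,dc=xxx,dc=local", "uid", "jane"))
    print(diagnose(DIRECTORY, "dc=xxx,dc=local", "cn", "jane"))
    print(diagnose(DIRECTORY, "dc=xxx,dc=local", "cn", "Jane Doe"))
```

To run the same comparison against a real directory, export the entries with an LDAP browser and substitute them for the constructed DIRECTORY.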
