I have configured my vpn concentrator to use M$ ias so users can authenticate using Acitve Directory. User with the software client are able to connect using active directory. web vpn users are unable to login using active directory but can login using the internal database. Cisco documentation says to do this for radius for webvpn
Assigning WebVPN Users to Groups
Using a RADIUS server to authenticate users, assign users to groups by following these steps:
Hey, snoopdogg - I'm doing exactly the same thing - using M$ IAS to authenticate WebVPNO users. The class attribute is something you setup in IAS. If you go to the IAS policy on the Advanced tab, add an attribute & look for "Class" in the RADIUS Standard attribues section near the top. That's where you can add the "OU=YourGroupName;".
That's all nice & stuff, but it doesn't make everything work for me. The user ID gets authenticated OK against the rule I created, but the group also tries to authenticate to RADIUS as a user, and it fails due to unknown username & password. Any ideas on fixing that?
BenefitsDocumentationPrerequisiteImage Download LinksLimitationsSupported PlatformsLicense RequirementsTopologyStep-By-Step ConfigurationConfigure Virtual ServiceActivate the virtual service and configure guest IPsConfiguring UTD (Service Plane)Configurin...
Login to the FXOS chassis manager.
Direct your browser to https://hostname/, and log-in using the user-name and password.
Go to Help > About and check the current version:
Check the current version availa...
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...