Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

Secured Internal Network (ASA 5510)

We have an internal subnet (Secured Server LAN) that requires network authorization. This subnet contains a separate AD forest with the servers as members of the domain. The Windows XP clients that access these resources are also members of the secure AD forest but are connected to the corporate LAN. We would want to configure RSA SecureID to provide two-factor authentication for the users. Can the ASA 5510 provide network authorization prior to attempting to login to Active Directory without configuring SSL VPN? Please see attachment...

1 REPLY
Bronze

Re: Secured Internal Network (ASA 5510)

You can able to configure authorization in your ASA device before accessing AD. The below URL presents example procedures for configuring authentication and authorization on the security appliance using the Microsoft Active Directory server. It includes the following use cases:

•User-Based Attributes Policy Enforcement

•Placing LDAP users in a specific Group-Policy

•Enforcing Static IP Address Assignment for AnyConnect Tunnels

•Enforcing Dial-in Allow or Deny Access

•Enforcing Logon Hours and Time-of-Day Rules

http://www.cisco.com/en/US/docs/security/asa/asa81/config/guide/extsvr.html#wp1572118

972
Views
0
Helpful
1
Replies
CreatePlease to create content