I am running ASA ver. 8.2(2) and all users are configured in the ASA. This ASA is uses as a VPN ASA and we are using it for remote access for external users. When a user is logged in, he gets all parameters that are need to continue working from outside, such as, IP, assigned to special group with special permissions and so on. All the parameters that are needed are configured under user attribute. See example below:
Thanks a lot to your reply, sorry for the delay, but now I have a chance to verify again the above issue and according to the debug I triggered in ASA (225) , it is getting the right user and recognize it correct. I had no errors. But I am still getting en error from the VPN client. The error I received is "Secure VPN connection terminated locally by the client. Reason 413: User authentication failed." I also tried to get an IP from AD withput success. Any Idea ?
Sorry for the delay, but yesterday I had a chance to check again and to test what I configured accroding to the document that you sent me a while ago (:-)). I triggered the debug on the ASA 5520 and everything looks fine. The LDAP server is sending the right information without any error message. In the VPN client when I am trying to login I am receiving the following error message:
"Secure VPN connection terminated locally by the client. Reason 413:User authentication failed" . Googled this error message and I found that I need to enable the simultaneous logins to enable. I enabled it but I got the same error message. This configuration is under remote access vpn>group-policies>General>more options.
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...