Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 
New Member

ASA authentication VIA active directory

Hello frndz

Our network consists of 300 client pc's having internet access and almost all of them are joined to active directory domain I am not sure about it Now pro is that I want create the authentication on ASA that any pc which is not joined tp the domain will not have internet access meaning it should ask for domain user credentials

Pc already join to domain can have internet access directly without asking any credentials How can i do this on ASA ?

Plz any help will be highly apprecaited

Cisco Employee

Re: ASA authentication VIA active directory

802.1x is a good option here to implement, basically it has all the switchports in your network become authenticiated ports where if you want to connect to the network, you need to first authenticate to a RADIUS server. This also allows, non-authenticated users to join a special guest vlan where you can control what they have access to.

I believe there is a way to make RADIUS and active directory coincide.

this is not an ASA solution, this is an access layer solution.

New Member

Re: ASA authentication VIA active directory

thanks for the reply Actually i want bring up autenticated layer in my network Where 802.1x come from? I just want that any client not join to the domain should not have internet access

New Member

Re: ASA authentication VIA active directory

You might be able to get some of the functions that you want with cut-though proxy:

This will allow users to authenticate for http, https, ftp and telnet against a Radius server which can be set up to use active directory. There are proxy solutions out there that will allow a Windows AD user to use an existing Active Directory session but as far as I know the ASA is not one of them.

CreatePlease to create content