Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Community Member

IOS Only Windows AD Authentication

Does anyone know if it is possible to implement a IOS only solution for RAS login using only a users Windows AD username and password - I know normally this would be done using RADIUS/TACACS+ (no customer $$$), but I am trying to avoid users have to use a local router configured name/pass and then a 2nd Windows AD login to access resources.

I would ideally like to have the have the authentication pass directly to a Windows AD server! I understand from some colleagues that this type of functionality is available in some of Cisco's VPN products - has it made it into IOS?

Any suggestions folks?

1 ACCEPTED SOLUTION

Accepted Solutions
Community Member

Re: IOS Only Windows AD Authentication

Since you do not want to use ACS and AD as its secondary database, you could try MS IAS, or simply configure kerberos authentication.

Since kerberos IOS images are bigger, it might be a better idea to use IAS.

2 REPLIES
Community Member

Re: IOS Only Windows AD Authentication

Since you do not want to use ACS and AD as its secondary database, you could try MS IAS, or simply configure kerberos authentication.

Since kerberos IOS images are bigger, it might be a better idea to use IAS.

Community Member

Re: IOS Only Windows AD Authentication

Thanks, my subsequent research since posting the query took me down the IAS route too! This would be the way to go in this scenario - many thanks for th sanity check.... pdc

311
Views
0
Helpful
2
Replies
CreatePlease to create content