Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1173
Views
0
Helpful
2
Replies

Client Authentication VPN3000

henrysacco
Level 1
Level 1

‎03-17-2004 11:08 AM - edited ‎02-21-2020 10:09 AM

I have a VPN concentrator that is configured for client authentication using an NT domain. I dont want every account in Active Directory to have VPN access, so i was wondering if it was possible to limit the scope of where the vpn 3000 looks for accounts to authenticate. Can it be limited to a particular organiztional Unit in Active Directory?

Labels:
0 Helpful
2 Replies 2

kerry.whittaker
Level 1
Level 1

‎03-17-2004 05:38 PM

You may have to use ACS. It can check the windows groups and dial-in settings. then replay to the VPN server correctly.

0 Helpful

jjkruege
Level 1
Level 1

‎04-05-2004 08:05 AM

You would have to use Radius. Microsoft's built in IAS would do the trick. It can allow you to specify a group that can access the VPN. I'm not sure if it can match on an OU though... Maybe. You might also have to be in Native mode for some of that to work.

0 Helpful
Customers Also Viewed These Support Documents