I configured the NAC to do SSO with Microsoft AD. The user make login into the domain and the NAC Agent finds your credentials without problems. When we make login on the local computer, the NAC agent requests credentials. If I enter the credentials of the user's domain, occur a authentication error. If I enter the credentials of the user created on CAM, the authentication pass with successful.
But the situation is different from what you understand.
First I login with the local credentials in the station that is not in the domain. Then comes a pop up of Nac Agent requesting credentials. At the moment I enter the credentials of the domain and then the authentication error occurs.
I think that to work, I need to set the option to choose the Authentication Provider.
That's what I was explaining. If you have your agent set to do AD SSO, then you need to login to the Windows Domain, and not to your local computer. If you're logging in to your local computer and want to authenticate the agent to AD, you'll have to define a LDAP auth provider and enable that in your login pages.
If you find this post helpful, please rate so others can find the answer easily
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...