Problem: Executives cannot remember two passwords (one for VPN and one for Windows Domain).
How the solution should feel: User A logons from home via VPN, through that authentication process they are allowed into the domain with a single authentication process. IE single username and password. Any ideas?
Re: Single authentication from VPN to windows domain
enable ntdomain as user authentication on the concentrator
i am pretty sure you can enter the credentials in the client profile
under the "Log onto Windows Domain" section under the Authentication Tab
configuring "ntdomain" XAUTH for that group on the concentrator by itself will only use the nt database for authenticating the client's username and password (for logging onto the vpn only (XAUTH/part of Phase 1 IKE SA), not log onto the actual windows network). Make sure that the
"Log onto Windows Domain" box is checked and "Prompt user for logon Credentials" check box is checked to enable logging onto the windows domain. Because the password to logon to the VPN (finish phase 1) is authenticated against the ntdatabase, the password to logon to the actual windows network will be the same, although they may be prompted to enter it again.
"Prompt for network logon credentialsThe private network prompts you for a username and password to use its resources. If the logon username or password on your PC differs from those on the private network, use this option."
here is a link that may lead you in the right direction
DocumentationCode download linksGoalRequirementLimitationsSupported ISR
and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationConfigure one of the connectivity
options to access the Cisco IMC from the n...
Firepower Threat Defense (NGFWv) on UCS E-series - Transparent Mode in
HA DocumentationCode download linksGoalRequirementLimitationsSupported
ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationCo...
Question I am currently unable to specify "crypto keyring" command when
configuring VPN connection on my cisco 2901 router. The following
licenses have been activated on my router :