Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Single authentication from VPN to windows domain

Single authentication from VPN to windows domain

Problem: Executives cannot remember two passwords (one for VPN and one for Windows Domain).

How the solution should feel: User “A” logons from home via VPN, through that authentication process they are allowed into the domain with a single authentication process. IE single username and password. Any ideas?

New Member

Re: Single authentication from VPN to windows domain

enable ntdomain as user authentication on the concentrator


i am pretty sure you can enter the credentials in the client profile

under the "Log onto Windows Domain" section under the Authentication Tab

configuring "ntdomain" XAUTH for that group on the concentrator by itself will only use the nt database for authenticating the client's username and password (for logging onto the vpn only (XAUTH/part of Phase 1 IKE SA), not log onto the actual windows network). Make sure that the

"Log onto Windows Domain" box is checked and "Prompt user for logon Credentials" check box is checked to enable logging onto the windows domain. Because the password to logon to the VPN (finish phase 1) is authenticated against the ntdatabase, the password to logon to the actual windows network will be the same, although they may be prompted to enter it again.

"Prompt for network logon credentials—The private network prompts you for a username and password to use its resources. If the logon username or password on your PC differs from those on the private network, use this option."

here is a link that may lead you in the right direction

good luck

CreatePlease login to create content