Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

VPN 3000 and Microsoft Active Directory problems

Anyone heard of problems any problems with VPN3000 and Microsoft AD authentication problems. We are having issues currently. We used NT Domain authentication before but since upgraded to AD with that nothing works. Luckly this is still in our trial period with our customers of about 150. We planned on rolling it out but with this problem we had to postpone. Any thoughts would be helpful. VPN box is currently running the latest verion 4.0.1.c-k9.

4 REPLIES
New Member

Re: VPN 3000 and Microsoft Active Directory problems

I believe you must run RADIUS authentication to authenticate to an AD domain. At the very least, I know it works. That's how I do it. Give it a try.

New Member

Re: VPN 3000 and Microsoft Active Directory problems

Just an update. We use RADIUS but these requests fall into our Default Group in RADIUS which is set up to authenticate to the DOMAIN. It worked when we had NT but since Active Directory all VPN authentication broke for VPN connections. Now that said we also use our RADIUS to authenticate our Wireless customers 802.11b LEAP they also used NT Domain auth. We opened a P1 case with TAC and they had us install a patch for RADIUS and now the Wireless customers are now working with AD. You would of thought that this would also of fixed my problem with VPN since they are both using the Default Group in RADIUS. Thanks for your reply.

New Member

Re: VPN 3000 and Microsoft Active Directory problems

What version of RADIUS are you running? I had the same problem running Cisco Secure ACS v2.6. I went ahead and upgraded to v3.1 and it fixed my authentication problems.

New Member

Re: VPN 3000 and Microsoft Active Directory problems

I am running Cisco ACS 3.21 authenticating wireless and VPN clients against both NT and AD domains. Had some problems and got a patch from Cisco to correct the order in which it selects external domains to try authentication.

232
Views
0
Helpful
4
Replies
CreatePlease to create content