Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

How can i configure VPN 3005 active directory access by group

Hi. I need help to configure a Cisco VPN concentrator. I´ve created an Active Directory's group and added 2 users. In the CVPNC i've configure LDAP autentication and autorization servers.

But i just get to give access to everyone in the Active Directory Server. I just Want To give access to especific users in a group

3 REPLIES
Silver

Re: How can i configure VPN 3005 active directory access by grou

Here is a document which demonstrates how to configure the Cisco VPN 3000 Concentrator to authenticate Cisco VPN Clients to an external Microsoft Windows NT domain server.

http://www.cisco.com/en/US/products/hw/vpndevc/ps2284/products_configuration_example09186a00800949b4.shtml

New Member

Re: How can i configure VPN 3005 active directory access by grou

I think that he is trying to get it to authenticate with a specific group in the domain. I am attempting to do the same thing. I can get the concentrator to authenticate using the domain server but I don't want every user in the domain to be able to authenticate, only ones from a specific group. Does anyone know how I can accomplish this?

New Member

Re: How can i configure VPN 3005 active directory access by grou

Can't you do this from the AD side rather than the VPN side? I would think there's probably a couple of work-arounds i.e. 1) create a new site in AD - assign the IP range in your VPN's address pool to that site. Then implement a GPO for it allowing only those IP's to remotely connect? 2) Similarly, Instead of a site, or group, drop those remote users' accounts into a separate OU and then apply the GPO? etc.

164
Views
0
Helpful
3
Replies