Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 
Users might experience few discrepancies in Search results. We are working on this on our side. We apologize for the inconvenience it may have caused.
New Member

Authenticate VPN clients against AD

Hi All,

I have done in the past a configuration where the VPN clients get authenticated against a RADIUS server and uses the credentials from Active Directory.

Now, I need to configure the ASA to authenticate the VPN clients against AD directly. (There's no RADIUS server). Can I do that?

In other words, can I tell the ASA to talk directly to the AD and authenticate the VPN clients without any RADIUS or other server?

If so, is there's a link or configuration example?

Thank you!


Re: Authenticate VPN clients against AD

Hey, ASA can do this by using either LDAP protocol or authenticate them, Kerberos or NT Domain protocols (the use of either one of these depends on your Windows AD version)

For instance for later Win platforms like 2000 and 2003 LDAP or Kerberos should work, for Old NT environments you can use NT Domain:

CreatePlease to create content