We are moving from a 3005 vpn concentrator to an ASA5510 VPN appliance. On the 3005 concentrator we are able to map drives to Microsoft server's without a problem. After logging in successfully on the ASA we attempt to map to the server's BUT we are prompted to login to get the mapped drive. Once we input the AD account and password, we get the mapped drive. We authenticate via Microsoft's IAS radius service. What am I missing?
I'm not an expert on the 3005... But it should have worked the same way as the ASA VPN does regarding Windows server authentication. Meaning that it's not involved for the most part. The ASA will authenticate the connection, but won't authenticate the connecting machine to any windows server. That's the job of the windows workstation and the windows server.
Normally if the machine is a domain machine, has cached user credentials, then it will authenticate to the destination server without prompting for credentials....
I would have thought it would work the same way as the 3005 as well but it is not. The PC's that we have tested are part of the domain. I have tried secondary authentication via Kerbero's but I still get prompted for a login and password after radius authentication occurs.
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...