Win 2003 + ASA 8.x authentication

thegrave2000 — Sun, 10 Mar 2019 23:00:34 GMT

Hello guys,

I have a client that has a Win 2003 R2 server without AD installed. I have an ASA 5505 which is going to terminate the L2TP over IPSec tunnels (Win XP SP2 or later clients...hopefully). My question is what options do I have for authentication against the local SAM database? I read tons of documents and it seems that LDAP and Kerberos authentication require AD, NTLM can be used only with Web VPN for SSO (besides that it's deprecated in Win 2003 as far as I know) so the only option I've got is running IAS (part of the default packages coming with Win 2003 R2, not an additional soft, right?) and utilizing the local SAM, is that right?

There's a pretty nice article right here:

http://articles.techrepublic.com.com/5100-10878_11-6180954.html

The only thing that bothers me is "The following groups are in this condition" window. What properties should a Win 2003 user group have so that it's eligible for use by the IAS service for authentication purposes? Also - has anyone deployed this setup, are there any non-obvious obstacles/problems that occur? I'm a little bit scared as my Win 2003 administration skills are not pretty good and don't wanna mess up something I cannot fix later.

Re: Win 2003 + ASA 8.x authentication

Marwan ALshawi — Fri, 01 Aug 2008 14:24:01 GMT

check the following link will be useful

http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_configuration_example09186a00806de37e.shtml

please rate if helpful

Re: Win 2003 + ASA 8.x authentication

thegrave2000 — Fri, 01 Aug 2008 18:30:57 GMT

I've already read this. Do you notice the little "against Active Directory" thing in the title? My problem is that I have to do this against the local SAM database:)

topic Re: Win 2003 + ASA 8.x authentication in Network Access Control

Win 2003 + ASA 8.x authentication

Re: Win 2003 + ASA 8.x authentication

Re: Win 2003 + ASA 8.x authentication