https://community.cisco.com/t5/network-access-control/ldap-and-acs-configuration/m-p/476704#M428687 <HTML><HEAD></HEAD><BODY><P>When AAA is used, the PIXFirewall must have a server group for each AAA protocol enabled. The aaa-server command is used both to define server groups and to add specific AAA servers to a server group. You can have up to 16 server groups on the PIXFirewall.</P><P><A class="jive-link-custom" href="http://www.cisco.com/en/US/products/sw/secursw/ps2086/products_configuration_guide_chapter09186a00801fd7e3.html#wp634909" target="_blank">http://www.cisco.com/en/US/products/sw/secursw/ps2086/products_configuration_guide_chapter09186a00801fd7e3.html#wp634909</A></P></BODY></HTML> Wed, 17 Aug 2005 20:17:39 GMT didyap 2005-08-17T20:17:39Z https://community.cisco.com/t5/network-access-control/ldap-and-acs-configuration/m-p/476703#M428684 <P>I have setup my LDAP database configuration with the following attributes in the fields:</P><P>User Directory Subtree=OU=7612,DC=1,DC=2</P><P>Group Directory Subtree=OU=7612,DC=1,DC=2</P><P>UserOjectType=subtree</P><P>UserObjectClass=subtree</P><P>GroupObjectType=dn</P><P>GroupObjectClass=top</P><P>GroupAttributeName=top</P><P></P><P>With this configuration, i can get my ACS to talk to my LDAP server. I am trying to setup PIX515E w/RADIUS authen to ACS using LDAP. When i click on Group Mappings, i see all of my network usernames from my domain. I setup RADIUS shared secret key on Firewall with ACS Static IP address. When i set my VPN Pool with XAuth Server as RADIUS, i cannot get authentication. I can VPN into my network, but it will not accept my username and pwd? What am i missing, i cannot figure out.</P><P></P><P>Thanks,</P> Sun, 10 Mar 2019 21:15:54 GMT https://community.cisco.com/t5/network-access-control/ldap-and-acs-configuration/m-p/476703#M428684 federico29 2019-03-10T21:15:54Z https://community.cisco.com/t5/network-access-control/ldap-and-acs-configuration/m-p/476704#M428687 <HTML><HEAD></HEAD><BODY><P>When AAA is used, the PIXFirewall must have a server group for each AAA protocol enabled. The aaa-server command is used both to define server groups and to add specific AAA servers to a server group. You can have up to 16 server groups on the PIXFirewall.</P><P><A class="jive-link-custom" href="http://www.cisco.com/en/US/products/sw/secursw/ps2086/products_configuration_guide_chapter09186a00801fd7e3.html#wp634909" target="_blank">http://www.cisco.com/en/US/products/sw/secursw/ps2086/products_configuration_guide_chapter09186a00801fd7e3.html#wp634909</A></P></BODY></HTML> Wed, 17 Aug 2005 20:17:39 GMT https://community.cisco.com/t5/network-access-control/ldap-and-acs-configuration/m-p/476704#M428687 didyap 2005-08-17T20:17:39Z