Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1668
Views
0
Helpful
2
Replies

AAA for VPN - Kerberos, LDAP or NT Domain?

Go to solution
James.Longman
Level 1
Level 1

‎10-21-2012 08:43 AM - edited ‎03-10-2019 07:42 PM

All,

After a little feedback on what you guys think is the better authentication method for AAA for VPN clients when authenticating against a Windows domain for remote access?

I've always used "NT Domain" as it seemed to roughly correspond to the NT Auth I was used to using on the old Concentrators. However I've (finally) decided to have a look at the Kerberos and LDAP since they must have been added for a reason...

As far as I can tell LDAP adds the option to search AD a little more finely (Base DN) but that's about it. Am I missing something? Is there more of a reason to use LDAP or Kerberos over NT Domain for auth?

What's more reliable? What are you guys using?

Cheers!

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Tarik Admani
VIP Alumni
VIP Alumni

‎10-21-2012 07:35 PM

Either one is reliable, you get the option to map users in different group-policies or apply different DAP policy based on their Group Membership. If you are after basic authentication then your method is still the best way to go.

Thanks,

Tarik Admani
*Please rate helpful posts*

View solution in original post

0 Helpful
2 Replies 2

Go to solution
Tarik Admani
VIP Alumni
VIP Alumni

‎10-21-2012 07:35 PM

Either one is reliable, you get the option to map users in different group-policies or apply different DAP policy based on their Group Membership. If you are after basic authentication then your method is still the best way to go.

Thanks,

Tarik Admani
*Please rate helpful posts*

0 Helpful

Go to solution
James.Longman
Level 1
Level 1
In response to Tarik Admani

‎10-23-2012 07:33 AM

Many thanks!

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents