10-21-2012 08:43 AM - edited 03-10-2019 07:42 PM
All,
After a little feedback on what you guys think is the better authentication method for AAA for VPN clients when authenticating against a Windows domain for remote access?
I've always used "NT Domain" as it seemed to roughly correspond to the NT Auth I was used to using on the old Concentrators. However I've (finally) decided to have a look at the Kerberos and LDAP since they must have been added for a reason...
As far as I can tell LDAP adds the option to search AD a little more finely (Base DN) but that's about it. Am I missing something? Is there more of a reason to use LDAP or Kerberos over NT Domain for auth?
What's more reliable? What are you guys using?
Cheers!
Solved! Go to Solution.
10-21-2012 07:35 PM
Either one is reliable, you get the option to map users in different group-policies or apply different DAP policy based on their Group Membership. If you are after basic authentication then your method is still the best way to go.
Thanks,
Tarik Admani
*Please rate helpful posts*
10-21-2012 07:35 PM
Either one is reliable, you get the option to map users in different group-policies or apply different DAP policy based on their Group Membership. If you are after basic authentication then your method is still the best way to go.
Thanks,
Tarik Admani
*Please rate helpful posts*
10-23-2012 07:33 AM
Many thanks!
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide