Authentication with Active Directory

6rlopez_2
Level 1

I have a VPN between Cisco VPN clients and a PIX firewall. Is it possible to authenticate against the users in the AD in order to have the same access rights and policies as if they were connected to the LAN?

1 Reply

tcross3
Level 1

Yes you can. You have to configure your firewall to permit all the MS ports from the group of addresses that you will assign the users. From the point of view of AD, whatever policies you have for the users would apply. Take a look at this MS link:

http://support.microsoft.com/default.aspx?scid=kb;en-us;318750.

The one thing is that if you are not using a RADIUS server you might have problems with OU memberships, since the VPN will only recognize NT 4 type domains. What this means is that if you are configured as a native 2003 AD you will not be able to use the VPN directly. You should then use the Windows RADIUS server or Cisco ACS server. Also, all of your accounts have to be stored in AD using reversible encryption, which makes the passwords less secure.

Hope this helps.