Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
476
Views
0
Helpful
1
Replies

NAC Inband for VPN with SSO Auth

Brian O'Flynn
Level 1
Level 1

‎12-09-2011 06:31 AM - edited ‎03-10-2019 06:37 PM

Hi,

I am looking to introduce SSO into a NAC Deployment for remote access and wanted to check if this situation would work.  Ok, basic setup is Cisco IPSEC VPN with NAC inband after the ASA where the VPN is terminated.  NAC is running 4.1.3(to be upgraded).

The Sequence of events I would like to happen are as follows:

User logs into laptop at home with cached domain credentials

User then logs into Cisco vpn client via wifi or 3g with only pin code authentication

Login credentials from laptop login to be passed to NAC for SSO authentication

Is this a valid solution or would it only work if the VPN client was using AD credentials and have those passed to NAC?

Cheers

Brian

Labels:
0 Helpful
1 Reply 1

Tarik Admani
VIP Alumni
VIP Alumni

‎12-09-2011 11:45 AM

Brian,

If you can get the vpn authentication to work via radius that is the your only option for SSO. The piece that makes this work is radius accounting. If you are not using radius then VPN SSO will not work and you can use ADSSO where that feature uses kerberos and the client has to be registered to the domain.

Let me know if you are using radius to authenticate the users or not.

Thanks,

Tarik Admani

0 Helpful
Customers Also Viewed These Support Documents