Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1138
Views
0
Helpful
2
Replies

Remote Acess VPN vFTD 6.2.3

Artyom krassilnikov
Level 1
Level 1

‎06-27-2018 09:44 PM - edited ‎02-21-2020 07:55 AM

Hi. 

I have virtual FTD 6.2.3 and I can't to deploy RA VPN - "Login error". In trubelshoting section of VPN in Firepower MC i have this message:

AAA Marking LDAP server 172.20.10.100 in aaa-server group 172.20.10.100 as ACTIVE

AAA Marking LDAP server 172.20.10.100 in aaa-server group 172.20.10.100 as failed

Realm is configured. Test connection by AD IP and 389 port - "Test connection succeeded"

Test AD Join  - "Test AD join failed", but groups and users are available and i can dowload them.

Realms reconfiguration does not help, NTP is configured.

Was Do anybody have same issue?

 

 

Labels:
0 Helpful
2 Replies 2

balaji.bandi
Hall of Fame
Hall of Fame

‎06-27-2018 11:04 PM

You need to have Service account in AD to join this device(FTD) in to AD Domain group.

Once you join this FTD to AD, in AD you should also see this is registered there in the AD Server.

Also good to look at Windows side in EVENT Viewer what is wrong  ?

 

Below document explains more detailed :

 

https://www.cisco.com/c/en/us/support/docs/security/asa-firepower-services/200329-Configure-Active-Directory-Integration-w.html

 

 

BB

 

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

0 Helpful

Artyom krassilnikov
Level 1
Level 1
In response to balaji.bandi

‎06-18-2019 10:04 PM

Thank you fof help.  It was a problem with VM Windows AD server. in VM Windows server was up 2 interfaces and wrong route.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card