07-31-2007 01:33 PM - edited 02-20-2020 09:39 PM
Hi,
I have our VPN users logging in via our Cisco Concentrator using Windows IAS RADIUS server. The thing is users can log in with there Active directory username and password and the don't need to put the domain first (in the VPN client) for example domain\username is this right? How does it know the domain name?
08-06-2007 01:37 PM
Establish an IPsec tunnel between a Cisco VPN 3000 Concentrator and a Cisco VPN Client 4.x for Windows using RADIUS for user authentication and accounting. This document recommends the Cisco Secure Access Control Server (ACS) for Windows for the easier RADIUS configuration to authenticate users that connect to a VPN 3000 Concentrator. A group on a VPN 3000 Concentrator is a collection of users treated as a single entity. The configuration of groups, as opposed to individual users, can simplify system management and streamline configuration tasks.
08-06-2007 09:19 PM
Thanks but windows IAS was very easy and quick to setup and costs nothing.
08-08-2007 09:14 AM
The VPN Concentrator does not know. It only passes the information that it received (username/password) from the client, sends it on to the RADIUS server and then expects a Yes or No answer back from the RADIUS server.
The default User Database for IAS is AD. Look in the IAS MMC under "Connection Request Processing" --> "Connection Request Policies" and you should see "Use Windows authentication for all users"; thats where it is getting its settings from.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide