cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
577
Views
0
Helpful
3
Replies

ASA authentication VIA active directory

samirshaikh52
Level 2
Level 2

Hello frndz

Our network consists of 300 client pc's having internet access and almost all of them are joined to active directory domain I am not sure about it Now pro is that I want create the authentication on ASA that any pc which is not joined tp the domain will not have internet access meaning it should ask for domain user credentials

Pc already join to domain can have internet access directly without asking any credentials How can i do this on ASA ?

Plz any help will be highly apprecaited

3 Replies 3

Elly Bornstein
Cisco Employee
Cisco Employee

802.1x is a good option here to implement, basically it has all the switchports in your network become authenticiated ports where if you want to connect to the network, you need to first authenticate to a RADIUS server. This also allows, non-authenticated users to join a special guest vlan where you can control what they have access to.

I believe there is a way to make RADIUS and active directory coincide.

this is not an ASA solution, this is an access layer solution.

thanks for the reply Actually i want bring up autenticated layer in my network Where 802.1x come from? I just want that any client not join to the domain should not have internet access

mmacdonald70
Level 1
Level 1

You might be able to get some of the functions that you want with cut-though proxy:

http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_configuration_example09186a00807349e7.shtml

This will allow users to authenticate for http, https, ftp and telnet against a Radius server which can be set up to use active directory. There are proxy solutions out there that will allow a Windows AD user to use an existing Active Directory session but as far as I know the ASA is not one of them.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: