Hi,
i have a 5506-x at Site B connecting to a 5515 at Site A via a site-to-site VPN tunnel. there is only the one Domain Controller at Site A which i'm trying to setup LDAP authentication from Site B for Anyconnect VPN users.
if i setup authenti...
Thank you Rahul!!
perfect. i just added the ACL and NAT rules to both sides as you suggested and it works!
i'm so ever grateful! i've been trying to work this out for over a week. i should have just come to the forums earlier! haha thanks again
Hi Dennis,can you kindly explain what i need to check for specifically? how can i ensire LDAP authentication is part of protected traffic on teh s2s?(this part you'll hate)... most of my config ability is done via ASDM, so you can appreciate my lack ...
so just to clarify
DMZ-PAC is the 'inside' interface of Site A ASA where the LDAP server is hosted
Anyconnect clients connect to Site B ASA, which then attempts to authenticate via the tunnel across to Site A
so i'm a bit lost when you say 'use...
Hi Mohammed,
here's a show route of Site A, ASA
the VPN tunnel is built over interface EXTERNAL
Gateway of last resort is XXX.148.68.141 to network 0.0.0.0
C 10.61.62.0 255.255.255.224 is directly connected, TRUSTEDC 10.61.61.0 255.255.255.0 is d...
can you elaborate? is the OpenOTP solution workable with the Cisco IPSec client?
i've trialled the DUO solution and it works great, but for $36 per user per year it's kind of expensive for smaller firms like our (less than 100 employees, and less t...