About Haim Zohar

Haim Zohar · 02-02-2015

Hello,I hope this is the right place to ask this,I got cisco asa 5512-x, with ipsec vpn remote users,I want to tighten up the security on this, and my thought is to use the RSA securid software token(any other recommendations would be gladly accepted...

Haim Zohar · 07-28-2014

Hello All,I'm using cisco asa 5512-x asdmasa version 9.1(2)asdm version 7.2(1)I configured my ldap server and tested it, connection is ok.but I'm not sure how to configure my ipsec remote vpn, to authenticate users who belong to active directory "VPN...

Haim Zohar · 07-28-2014

HelloI have asa 5512-xasa version 9.1(2)asdm version 7.2(1) Im not really good with cisco syntax, so I use asdmI created a split tunnel remote ipsec vpn with cisco vpn clientthe purpose is to allow traffic from vpn to local lanand to allow traffic fr...

Haim Zohar · 07-29-2014

The LDAP connection and binding is working well,but the issue is, that right now any LDAP user is allowed to authenticate via VPN (ipsec remote vpn using cisco vpn client)which is a problem for me, so how do I permit only a specific LDAP group member...

Haim Zohar · 07-29-2014

Jouni,Your patience and help is simply outstanding,Thank you very much for all of you assistance and well explained details even in a way that I can understand! I really can't thank you enough :)

Haim Zohar · 07-29-2014

Hi Jouni,I've done as mentioned, but one thing I'm missing, how do I limit the traffic to outside via the vpn to be just for "rackspace", I don't want to carry through the vpn tunnel the entire internet traffic of the remote user.

Haim Zohar · 07-29-2014

Thanks for the reply Jouni,This subnet is supposed to be the VPN pool subnet,the traffic for the VPN should be via WAN1this nat rule was created via the vpn wizard,and yes, "rackspace" is located behind the external interface of the asa.sh run crypto...

Haim Zohar · 07-29-2014

Hi Rvarelac, Thank you for the reply,but my question is, how do I narrow the LDAP scope just to a specific ldap group?I have an ldap group called "VPN", I want them and them alone to be able to authenticate via remote VPN any advices?

Member Since	‎07-23-2014 10:46 AM
Date Last Visited	‎08-18-2017 04:02 AM
Posts	12

User Statistics

User Activity

VPN + Token

ldap authentication

vpn acl and nat

The LDAP connection and

Jouni,Your patience and help

Hi Jouni,I've done as

Thanks for the reply Jouni

Hi Rvarelac, Thank you for