Re: 2811 PPTP VPN Integrate with active directory

mrsystemengineer · ‎12-19-2010

Dear,

I was configure PPTP VPN on 2811 router and i need to integrate with windows active directory for remote users. Can any one will help me in this issue.

regards,

mulatif · ‎12-22-2010

Hi ,

I assume that by integration you want AD to authenticate Users ?

There are two ways to do it

1. Configure IAS RADIUS on the domain Controller (IAS is Microsoft RADIUS Service) and then configure the router to use RADIUS to contact the IAS Service. IAS service can be configured to use AD database for User Authentication.

Router config will be similar to below

aaa authentication ppp ias group radius
aaa authorization network default group radius if-authenticated 

vpdn-group pptp
! Default PPTP VPDN group
 accept-dialin
  protocol pptp
  virtual-template 2

interface Virtual-Template2
 
 peer default ip address pool ppp-pool
 ppp encrypt mppe auto
 ppp authentication ms-chap-v2 ias

radius-server host .... (Configure the IAS RADIUS Server Address)

2. If you don't want to use RADIUS then you can configure the Router to talk to AD Server using LDAP.

More info on this can be found below

http://www.cisco.com/en/US/partner/docs/ios/sec_user_services/configuration/guide/sec_cfg_ldap.html


Thanks,
Naman

m.siwecki · ‎05-16-2011

Hi,

i'm interested in configuring PPTP VPN with this second way you gave but i'm unable to access these materials to which you gave the link.

Could you write what should I do?

mulatif · ‎05-16-2011

Hi,

Can you access the below link ?

http://www.cisco.com/en/US/docs/ios/sec_user_services/configuration/guide/sec_cfg_ldap.pdf

You might need to login using your CCO credentials to access the documents.

Thanks,

Naman

m.siwecki · ‎05-16-2011

Yes, I can access this.

Thanks