Active Directory integration with VPN

upen desai · ‎07-02-2013

Hi

sorry if this question has already been raised, but we use Clientless SSL vpn on the ASA 5550.

I wanted to have active directory integrated to authenticate the VPN sessions.

Can you please advice how best to setup the server details and the LDAP query for this.

many thanks

pankaj29in · ‎07-02-2013

Hi Upen,

As per my knowledge i have used ACS server to do the same, i am not sure about Cisco ASA 5550

it might be having some options in Configuration --> Remote Access VPN --> AAA/Local Users --> AAA Server Groups.

Check it out also let me know.

Regards

Pankaj

Jatin Katyal · ‎07-02-2013

Hi Upen,

You can use the below listed configuration to integrate ASA with AD using LDAP protocol.

aaa-server LDAP-AD protocol ldap

aaa-server LDAP-AD host

server-port 389

ldap-base-dn

ldap-scope subtree

ldap-naming-attribute sAMAccountName

ldap-login-dn

ldap-login-password

server-type microsoft

!

! \\ Test the authentication with the help of below listed command\\

test aaa authentication LDAP-AD host

username: *******

pasword : ********

If you see authentication successful, you may define the server under the tunnel-group.

!

tunnel-group type remote-access

tunnel-group general-attributes

authentication-server-group LDAP-AD

Let me know how it goes.

~BR
Jatin Katyal

**Do rate helpful posts**

~Jatin

mindetondji · ‎07-04-2013

go through those links