10-01-2013 07:55 AM
Hi All,
I'm looking for a solution / guide that will enable our ASA 5510, Firewall V8.4(5), ASDM version 6.4(9) to support Active Directory users. I want to enable our administrators to access the ASA via ASDM using their AD accounts (A local admin account will also exist but not a general knowledge password)
Would anyone be abe to advise on a guide / Solution.
Many Thanks
Solved! Go to Solution.
10-01-2013 12:36 PM
If understood you issue correctly you want tpo enabled AD authention for HTTP/ASDM access to the ASA. If that is correct than you needed the following command using the CLI to enable that
ASA-32-22(config)# aaa authentication http console ?
configure mode commands/options:
LOCAL Predefined server tag for AAA protocol 'local'
WORD Name of RADIUS or TACACS+ aaa-server group for administrative
authentication
After the console you needd to defind the name of the AD server you have configured on the ASA.
YOu can do the same using ASDM:
Change from LOCAL to the AD listed there.
I hope this answers your question.
Thanks
Jeet Kumar
10-01-2013 12:56 PM
Hi Kevin,
Jeet is right.
Using CLI, you can configure following commands:-
If you want to access it from inside:- http 0.0.0.0 0.0.0.0 inside
If you want to access it from outside:- http 0.0.0.0 0.0.0.0 outside
aaa autheitncation http console
Regards,
Naresh
10-01-2013 12:36 PM
If understood you issue correctly you want tpo enabled AD authention for HTTP/ASDM access to the ASA. If that is correct than you needed the following command using the CLI to enable that
ASA-32-22(config)# aaa authentication http console ?
configure mode commands/options:
LOCAL Predefined server tag for AAA protocol 'local'
WORD Name of RADIUS or TACACS+ aaa-server group for administrative
authentication
After the console you needd to defind the name of the AD server you have configured on the ASA.
YOu can do the same using ASDM:
Change from LOCAL to the AD listed there.
I hope this answers your question.
Thanks
Jeet Kumar
10-01-2013 12:56 PM
Hi Kevin,
Jeet is right.
Using CLI, you can configure following commands:-
If you want to access it from inside:- http 0.0.0.0 0.0.0.0 inside
If you want to access it from outside:- http 0.0.0.0 0.0.0.0 outside
aaa autheitncation http console
Regards,
Naresh
10-02-2013 12:03 AM
Thanks to both of you for the above information. Very much appreciated. Thats exactly what I need.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide