Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
3973
Views
0
Helpful
6
Replies

LDAP requirements for SSL-VPN on ASR 1002

Go to solution
dtochilovsky
Level 1
Level 1

‎10-05-2012 01:16 PM

Hello All,

I am planning to implement SSL-VPN (AnyConnect) on an ASR 1002 rputer running IOS-XE Software Version 15.1(3)S2.

I need to use LDAP for user authentication, and need to understand what are RADIUS/TACACS requirements to use LDAP.

Do I need to use Cisco ACS or can I use something like Microsoft IAS or Free Raduis?

Any helo will be greatly appreciated.

Thank you

Dmitry.

Labels:
0 Helpful
2 Accepted Solutions

Accepted Solutions

Go to solution
Jennifer Halim
Cisco Employee
Cisco Employee

‎10-05-2012 03:35 PM

Yes, you can use either use LDAP, Radius or Tacacs protocols to authenticate the SSL VPN users.

You can use any authentication server (doesn't need to be Cisco ACS), as long as they supports either of the 3 authentication protocols (ldap, radius or tacacs).

Hope that answers your question.

View solution in original post

0 Helpful
6 Replies 6

Go to solution
Jennifer Halim
Cisco Employee
Cisco Employee

‎10-05-2012 03:35 PM

Yes, you can use either use LDAP, Radius or Tacacs protocols to authenticate the SSL VPN users.

You can use any authentication server (doesn't need to be Cisco ACS), as long as they supports either of the 3 authentication protocols (ldap, radius or tacacs).

Hope that answers your question.

0 Helpful

Go to solution
dtochilovsky
Level 1
Level 1
In response to Jennifer Halim

‎10-05-2012 04:16 PM

Thank you Jennifer.

I came across the below configuration guide about SSL VPN on IOS and it states that LDAP is not supported on IOS SSL VPN's. Just wndering if this is in fact true or newer IOS version support LDAP.

http://www.cisco.com/en/US/docs/ios-xml/ios/sec_conn_sslvpn/configuration/15-1mt/sec-conn-sslvpn-ssl-vpn.pdf

     Features Not Supported on the Cisco IOS SSL VPN

     The following features are not supported on the Cisco IOS SSL VPN:

     • Lightweight Directory Access Protocol (LDAP) Support

Dmitry.

0 Helpful

Go to solution
Jennifer Halim
Cisco Employee
Cisco Employee
In response to dtochilovsky

‎10-06-2012 01:12 AM

Actually, SSL VPN (AnyConnect) is not supported on ASR platform, only on IOS, not on IOS-XE.

0 Helpful

Go to solution
dtochilovsky
Level 1
Level 1
In response to dtochilovsky

‎10-06-2012 08:31 AM

I found some information on Flex VPN on the IOS-XE platfrom, how is that differenct from IPSEC VPN?

0 Helpful

Go to solution
dtochilovsky
Level 1
Level 1
In response to Jennifer Halim

‎10-07-2012 03:43 PM

Thank you very much for the information Jennifer!

Dmitry.

0 Helpful
Customers Also Viewed These Support Documents