How to Use Active Directory and LDAP to Authenticate Cisco ASA VPN Users: Cisco ASA Training 101

Подписаться 45 тыс.

Просмотров 89 тыс.

50% 1

www.soundtraini...-cisco-asa-training-101 In this Cisco ASA tutorial, IT author-speaker Don R. Crawley shows you how to configure a Cisco ASA Security Appliance to support integration with Active Directory for VPN user authentication using LDAP. By implementing this configuration, remote users can authenticate for the VPN using their Active Directory credentials, thus simplifying network access for them and simplifying user management for the network administrator.

Опубликовано:

12 сен 2024

Ссылка:

Скачать:

Готовим ссылку...

Добавить в:

Мой плейлист

Посмотреть позже

Комментарии : 13

@soundtraining 11 лет назад

Thanks for your comment and pointing out the dsquery tool. Much appreciated. I'm sure that will help others in the same situation. As you point out, it depends on your directory structure and the location of affected objects.

@vasekagayev7173 11 лет назад

Thank you. After some searching, I finally found the article that helped me solve the issue

@rbattle2u 4 года назад

Clear and to the point. I was able to use this as a reference to setup my VPN authentication against AD LDAP

@BillDavidsonTPS 8 лет назад

Thank you again, your videos are awesome - this one worked perfect, first try! Ordering your latest ASA book today.

@bdtrap 11 лет назад

Don, thanks for posting this. Excellent quick-and-dirty tutorial. As a note, I followed this and couldn't get authentication to work. When I queried LDAP for my device's DN I got a "cn,ou,dc,dc" pattern. Just thought I'd post this to help anyone else who tried "cn,cn,dc,dc" and got mixed results. In MS Windows you can use the "dsquery" tool from the server to find the LDAP DN/RDN's. e.g. c:\>dsquery user -samid ASA01 "CN=ASA01,OU=Appliances,DC=domainname,DC=tld"

@soundtraining 11 лет назад

I did a search on "cisco vpn ldap authentication group membership" and found a forum post that describes how to do it. (RU-vid doesn't all posting links, so just try that search string.) I'll try to set up a test to confirm it next week and will post the results on the soundtraining[dot]net Facebook page.

@khensanigregorybaloyi5292 7 месяцев назад

Thank you so much, quite informative. I have a question though, Is it possible to configure a failover/backup LDAP server for the same profile, thats incase that DC goes down and the VPN users can still authenticate on the secondary DC? If possible, would you please share the data?

@ashwathmendan732 7 лет назад

Getting certificate validation failure issue on Cisco any connect 3.x onwards on Mac OS x ? Is there any solution

@henrybernard2591 10 лет назад

Thank you

@vasekagayev7173 11 лет назад

At the moment I use this design - Base DN: OU = OUname, dc = example, dc = local. All the users of this OU can authenticate when connected via vpn. How can I narrow the scope to global security group, so that only user of this security group could authenticate?