Your SlideShare is downloading. ×
0
ASA RA VPN with AD Authentication
ASA RA VPN with AD Authentication
ASA RA VPN with AD Authentication
ASA RA VPN with AD Authentication
ASA RA VPN with AD Authentication
ASA RA VPN with AD Authentication
ASA RA VPN with AD Authentication
ASA RA VPN with AD Authentication
ASA RA VPN with AD Authentication
ASA RA VPN with AD Authentication
ASA RA VPN with AD Authentication
ASA RA VPN with AD Authentication
ASA RA VPN with AD Authentication
ASA RA VPN with AD Authentication
ASA RA VPN with AD Authentication
ASA RA VPN with AD Authentication
ASA RA VPN with AD Authentication
ASA RA VPN with AD Authentication
ASA RA VPN with AD Authentication
ASA RA VPN with AD Authentication
ASA RA VPN with AD Authentication
ASA RA VPN with AD Authentication
ASA RA VPN with AD Authentication
ASA RA VPN with AD Authentication
ASA RA VPN with AD Authentication
ASA RA VPN with AD Authentication
Upcoming SlideShare
Loading in...5
×

Thanks for flagging this SlideShare!

Oops! An error has occurred.

×
Saving this for later? Get the SlideShare app to save on your phone or tablet. Read anywhere, anytime – even offline.
Text the download link to your phone
Standard text messaging rates apply

ASA RA VPN with AD Authentication

2,387

Published on

0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total Views
2,387
On Slideshare
0
From Embeds
0
Number of Embeds
3
Actions
Shares
0
Downloads
29
Comments
0
Likes
0
Embeds 0
No embeds

Report content
Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
No notes for slide

Transcript

  • 1. Configuring an ASA for remote access VPN with Windows 2003 Active Directory Authentication<br />December 21, 2010<br />
  • 2. Install Internet Authentication Services on a domain controller<br />Information for installing this service can be found on Microsoft’s Technet site at: http://technet.microsoft.com/en-us/library/cc781690%28WS.10%29.aspx<br />
  • 3. Launch the IAS MMC<br />
  • 4. Register the server in Active Directory<br />Click on register and go through the wizard.<br />
  • 5. Install a new RADIUS client<br />
  • 6. Add name and address<br />The name should be something easily recognizable like Cisco ASA<br />The address is the IP address of the inside interface<br />
  • 7. Name and address<br />
  • 8. Enter Shared Secret<br />Click next, and enter the RADIUS shared secret.<br />
  • 9. Added RADIUS client<br />Click finish, and review the newly added client.<br />
  • 10. Add remote access policy<br />
  • 11. Click Next<br />
  • 12. Add a policy name<br />
  • 13. Select VPN radio button<br />
  • 14. Add AD Group Name<br />Users with VPN access will need to be added into this active directory group<br />
  • 15. Add authentication methods<br />Select MS-CHAPv2, and MS-CHAP<br />
  • 16. Select Encryption Levels<br />All encryption levels selected by default<br />
  • 17. Finish the wizard<br />
  • 18. Verify RADIUS Ports<br />
  • 19. RADIUS Ports<br />
  • 20. Confirm authentication methods<br />Edit the properties of the RADIUS client<br />
  • 21. Select unencrypted authentication<br />
  • 22. IAS Configuration Complete<br />Now, time to add the AAA configuration in the Cisco ASA<br />
  • 23. Configure ASA AAA<br />The host is the address of the server where IAS was installed and registered<br />The key is the shared secret<br />
  • 24. Verify AD authentication in ASA<br />The IP address in the ‘test aaa’ command is the IAS server.<br />The test account must be in the AD group added in the IAS policy.<br />
  • 25. All Done<br />Hopefully, it is working for you.<br />If not, check the event logs on the IAS server.<br />Verify the shared secret password matches on the IAS server and the ASA.<br />Verify the IAS service is running.<br />
  • 26. Courtesy of DirFlash<br />

×