VPN Concentrator with AD Authorization

  • VPN Concentrator with AD Authorization

    Hi everyone,

    I was called on a project that consists of setting up a VPN Concentrator to authenticate on the Cisco box itself and authorize on Active Directory.

    The project was started and they planned to do it over LDAP... and I know doing so requires adding a lot of attributes to the AD Schema.

    If you have done something similar, which way did you go?

    Straight LDAP or using IAS/Radius?

    If using IAS, did you need to modify the schema at all?

    Thanks a lot.
    VCP on vSphere (4), MCITP:EA/DBA, MCTS:Blahblah

  • #2
    Re: VPN Concentrator with AD Authorization

    I am doing this on my network.

    I have an ASA 5520 that handles all VPN traffic, both remote access and LAN2LAN VPN traffic.

    I have a Cisco ACS (Windows based) that provides my AD integration via RADIUS for remote access VPN users.

    It works out very well for us; we did not have to do much of anything to our existing AD to get this to work. We pointed the ACS to our AD, then pointed the ASA to the ACS.

    The ACS is worth the money in my opinion; it's very powerful. I am using it to not only authenticate users to the ASA device, but I am also authenticating wireless users and using it for TACACS authentication for switch management.
    MCITP:SA, MCSA 2003, MCP, CCNA, A+, Net+, Security+

    • #3
      Re: VPN Concentrator with AD Authorization

      I'm really trying to find people who did it straight to AD in LDAP...did you have to add all 57 schema attributes?
      VCP on vSphere (4), MCITP:EA/DBA, MCTS:Blahblah

      • #4
        Re: VPN Concentrator with AD Authorization

        No, I didn't have to add the schema attributes. Basically the ACS acted as a gateway between the ASA and the AD.
        MCITP:SA, MCSA 2003, MCP, CCNA, A+, Net+, Security+
