Cisco ASA - VPN Question
Cisco ASA - VPN Question
(OP)
I have a group (Active Dir) that people need to be a part of in order to be able to allow VPN access. I do not see any mention of this group in the config. Can someone tell me what I need to look at to find out how this Active Dir group is associated with VPN? I see the group policy and looking through it in the ADSM I still don't see it.
RE: Cisco ASA - VPN Question
Typically the Radius server will check for conditions such as AD group membership as part of the Radius policy so there might be nothing you can see on the ASA. For example on my NPS server I have a policy that checks for the condiditons:
Authentication Type=MS-CHAP v2
NAS Port Type=Virtual (VPN)
Windows Groups = DOMAIN\VPN Users
It could also be done with LDAP using LDAP Attribute Maps.
Andy
RE: Cisco ASA - VPN Question
RE: Cisco ASA - VPN Question
I have CN's mapped to Group Policies using the 'memberOf' LDAP attribute.
RE: Cisco ASA - VPN Question
RE: Cisco ASA - VPN Question
RE: Cisco ASA - VPN Question