Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Computing > Cisco > Help - Setting Up Authentication via Active Directory (Group Membership) for IPSEC and WebVPN Clients on VPN3K

Reply
Thread Tools

Help - Setting Up Authentication via Active Directory (Group Membership) for IPSEC and WebVPN Clients on VPN3K

 
 
webspider
Guest
Posts: n/a
 
      11-04-2004

I was finally able to setup Authentication for IPSEC clients From
Active Directory (Group Membership). I had to do it via ACS (RADIUS).
It seem so complicated for a "common task": i.e. Allow a user to
authenticate to a VPN3K if they belong to a certain Active Directory
Group.

Questions: 1) Has anyone else set this up ?
2) Also , I would like to use the same Authentication
method for WebVPN users. It looks like I will need to setup another
internal group on the VPN3K , and more logic via ACS


Any thoughts would be appreciated.

Thanks,
David



 
Reply With Quote
 
 
 
 
juniperr
Guest
Posts: n/a
 
      11-04-2004
Yes I have done this and you could have just used IAS (RADIUS) which comes with
windows 2003 and 2000 server instead of buying ACS.

webspider <(E-Mail Removed)> wrote in message news:<(E-Mail Removed)>. ..
> I was finally able to setup Authentication for IPSEC clients From
> Active Directory (Group Membership). I had to do it via ACS (RADIUS).
> It seem so complicated for a "common task": i.e. Allow a user to
> authenticate to a VPN3K if they belong to a certain Active Directory
> Group.
>
> Questions: 1) Has anyone else set this up ?
> 2) Also , I would like to use the same Authentication
> method for WebVPN users. It looks like I will need to setup another
> internal group on the VPN3K , and more logic via ACS
>
>
> Any thoughts would be appreciated.
>
> Thanks,
> David

 
Reply With Quote
 
 
 
 
webspider
Guest
Posts: n/a
 
      11-05-2004
On 4 Nov 2004 12:06:40 -0800, http://www.velocityreviews.com/forums/(E-Mail Removed) (juniperr) wrote:

>Yes I have done this and you could have just used IAS (RADIUS) which comes with
>windows 2003 and 2000 server instead of buying ACS.
>
>webspider <(E-Mail Removed)> wrote in message news:<(E-Mail Removed)>. ..
>> I was finally able to setup Authentication for IPSEC clients From
>> Active Directory (Group Membership). I had to do it via ACS (RADIUS).
>> It seem so complicated for a "common task": i.e. Allow a user to
>> authenticate to a VPN3K if they belong to a certain Active Directory
>> Group.
>>
>> Questions: 1) Has anyone else set this up ?
>> 2) Also , I would like to use the same Authentication
>> method for WebVPN users. It looks like I will need to setup another
>> internal group on the VPN3K , and more logic via ACS
>>
>>
>> Any thoughts would be appreciated.
>>
>> Thanks,
>> David


Were you able to get WebVPN working ?

Also any links to specific docs on AD (Groups) & WebVPN ?

Thanks,
David


 
Reply With Quote
 
ikeloser@gmail.com
Guest
Posts: n/a
 
      12-15-2004
I was just recently able to get the 3005 WEBvpn connecting via IAS
(2000) or AD.
First setup up the AD connection, test auth.
Then set up Webvpn first to use local DB first.
Once you have the Webvpn auth by the local DB, change the order and the
AD should begin authentication.
The key was a statement about global auth. The webvpn doesn't care
about anything other than the global auth.
Here is the link:
http://www.cisco.com/en/US/customer/...5.html#1002793
Good Luck

 
Reply With Quote
 
 
 
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Authentication for web clients and Swing clients Francesco Java 1 12-27-2006 03:10 AM
Authenticate VPN3k-clients against AD group robbanwh Cisco 1 02-02-2006 10:37 AM
webvpn and thin clients dt1649651@yahoo.com Cisco 1 06-14-2005 09:58 PM
Authentication via Active Directory unsuccessfull =?Utf-8?B?TQ==?= ASP .Net 0 03-29-2005 04:45 PM
VPN3K: Client Type Limiting via RADIUS Eric Sorenson Cisco 0 01-10-2005 11:05 PM



Advertisments