Thursday, July 23, 2009

Cisco PIX ASA VPN integration Active Directory IAS

Using AD to authenticate VPN users via a PIX or ASA device
aaa-server RADIUS protocol radius
aaa-server RADIUS max-failed-attempts 3
aaa-server RADIUS deadtime 10
aaa-server RADIUS (inside) host <IAS-server-IP> <shared-secret> timeout 10

crypto map IPSEC client authentication RADIUS

On the IAS server:
  • Create a Client matching the inside IP of the PIX, with the shared secret above
  • Modify the policy to match a security group
  • Events for IAS appear in the System Event log
