Cisco PIX ASA VPN integration Active Directory IAS

Using AD to authenticate VPN users via a PIX or ASA device

aaa-server RADIUS protocol radius
aaa-server RADIUS max-failed-attempts 3
aaa-server RADIUS deadtime 10
aaa-server RADIUS (inside) host <IAS-server-IP> <shared-secret> timeout 10

crypto map IPSEC client authentication RADIUS

  • In IAS, create a Client matching the inside IP of the PIX, with the shared secret above
  • Modify the policy to match a security group
  • Events for IAS appear in the System Event log
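
Why the shared secret on the PIX and on the IAS Client entry must match, as an added example (not part of the original post): RADIUS hides the User-Password with MD5 keyed by the shared secret (RFC 2865, section 5.2), so a server holding a different secret decodes garbage and rejects the login. Function names and all sample values are assumptions made for illustration.

```python
import hashlib
import hmac
import struct

def _xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def hide_password(password, secret, request_auth):
    """RFC 2865 5.2: XOR each 16-byte block with MD5(secret + previous block)."""
    blocks = max(1, (len(password) + 15) // 16)      # at least one block
    padded = password.ljust(blocks * 16, b"\x00")
    out, prev = b"", request_auth
    for i in range(0, len(padded), 16):
        prev = _xor(padded[i:i + 16], hashlib.md5(secret + prev).digest())
        out += prev
    return out

def unhide_password(hidden, secret, request_auth):
    """What the RADIUS server does with its own copy of the secret."""
    out, prev = b"", request_auth
    for i in range(0, len(hidden), 16):
        out += _xor(hidden[i:i + 16], hashlib.md5(secret + prev).digest())
        prev = hidden[i:i + 16]
    return out.rstrip(b"\x00")

def _attr(attr_type, value):
    return bytes([attr_type, len(value) + 2]) + value

def build_access_request(user, password, secret, ident, request_auth, nas_ip):
    """Access-Request (code 1) with User-Name, User-Password, NAS-IP-Address."""
    attrs = (_attr(1, user) + _attr(2, hide_password(password, secret, request_auth))
             + _attr(4, nas_ip))
    return struct.pack("!BBH", 1, ident, 20 + len(attrs)) + request_auth + attrs

def server_sees_password(packet, server_secret):
    """Walk the attributes and decode User-Password with the server's secret."""
    request_auth, pos = packet[4:20], 20
    while pos + 2 <= len(packet):
        attr_type, length = packet[pos], packet[pos + 1]
        if length < 2:                               # malformed attribute
            return None
        if attr_type == 2:
            return unhide_password(packet[pos + 2:pos + length], server_secret, request_auth)
        pos += length
    return None

def reply_is_authentic(reply, request_auth, secret):
    """Response Authenticator = MD5(code+id+len + request_auth + attrs + secret)."""
    expected = hashlib.md5(reply[:4] + request_auth + reply[20:] + secret).digest()
    return hmac.compare_digest(expected, reply[4:20])
```

The same secret also authenticates the server's reply, so a mismatch shows up both as rejected logins on the IAS side and as discarded replies on the PIX side.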
