Merlin_Raja
asked on
WebVPN - Cisco VPN Concentrator & Cisco ACS
Hi
I have usernames & groups on my VPN Concentrator. I am planning to configure SSL VPN for the clients. I have gone through the following documentation
http://www.cisco.com/en/US/products/hw/vpndevc/ps2284/products_configuration_example09186a008055641a.shtml
I have a question regarding user authentication. The document shows that username and password needs to be entered for the client to be installed. My question is, does the installation of the client takes the policy of the group to which the user is confgured or is it that it is common for all user installation??
Thanks in advance
I have usernames & groups on my VPN Concentrator. I am planning to configure SSL VPN for the clients. I have gone through the following documentation
http://www.cisco.com/en/US/products/hw/vpndevc/ps2284/products_configuration_example09186a008055641a.shtml
I have a question regarding user authentication. The document shows that username and password needs to be entered for the client to be installed. My question is, does the installation of the client takes the policy of the group to which the user is confgured or is it that it is common for all user installation??
Thanks in advance
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Yes, it is .But there is can be more , than just this link.
Beside defining RADIUS, you need add router in ISA(win2003).
AD users, then can be configured with policy.
To troubleshoot/see result, you can enable "log" on ISA, to see , how VPN client is getting authenticated.
By stopping ISA server, and trying to log as VPN user, you can see if your authentication is actually going to the ISA, or still getting authenticated "locally".
Beside defining RADIUS, you need add router in ISA(win2003).
AD users, then can be configured with policy.
To troubleshoot/see result, you can enable "log" on ISA, to see , how VPN client is getting authenticated.
By stopping ISA server, and trying to log as VPN user, you can see if your authentication is actually going to the ISA, or still getting authenticated "locally".
ASKER
Hi dkarpekin
Right now , the devices are vpn concentrator and cisco acs. ISA Server will not come into action at this point of time. However, i will update you as to when I get ISA up and running
Thank you
Right now , the devices are vpn concentrator and cisco acs. ISA Server will not come into action at this point of time. However, i will update you as to when I get ISA up and running
Thank you
No problem.
ASKER
Thanks dkarpekin for the tip.
I got the answer on the ste
http://www.cisco.com/en/US/tech/tk59/technologies_configuration_example09186a00800946a2.shtml
can you confirm if this is the answer??