netcomp
RADIUS on Windows 2003 and on Cisco ASA5500
1. I know Windows Server 2003 includes a RADIUS server, but I am not sure what it can offer to clients on its own (other uses besides the case below)?
2. We have a Cisco ASA firewall on which I have configured IPsec client VPN. Currently, I have created user accounts on the ASA so the users can use them with their VPN client. I was wondering if there was any way of using AD in Windows for authenticating VPN users. I believe the only way is to use RADIUS on Windows Server, but I am not sure how?
You do not need a RADIUS server; the ASA can work with Active Directory directly.
Install the ASDM manager for the ASA and go to the configuration wizards for remote access VPN. Enter the server and proper credentials - that's it.
ASKER
Wow, the ASDM idea sure sounds good. 1. How does it work? Does it somehow establish a link with AD?
2. Then, in what situations is RADIUS on Windows used?
3. Perhaps on devices that do not have the ASDM manager, like older devices such as PIX? 4. Also, where do you install the ASDM manager?
ASDM is simply a GUI-based console for administering a Cisco ASA, which you install on a laptop or PC.
ASDM download: http://tools.cisco.com/support/downloads/pub/Redirect.x?mdfid=279513399 - it should be on the CD that came with the ASA.
RADIUS is simply another authentication method to use if you wanted, but AD authentication should be fine. http://technet.microsoft.com/en-us/library/cc787275(WS.10).aspx
RADIUS is an open standard, so yes most network devices support RADIUS.
ASKER
OK, I know about ASDM, but thought you were talking about something else.
1. So how does the ASDM method authenticate to AD? Is that available on Cisco PIX too?
2. Is IAS Microsoft's implementation of RADIUS, and if so, is it only available on Enterprise and Datacenter editions?
Since this is a pretty open-ended set of questions and you are not having a specific problem, I will try to answer your questions as best I can...
OK, I know about ASDM, but thought you were talking about something else.
1. So how does the ASDM method authenticate to AD? Is that available on Cisco PIX too?
The ASDM will allow this because you will be pointing the appliance to a domain controller for authentication purposes...
http://www.cisco.com/en/US/products/ps6120/prod_configuration_examples_list.html#anchor12
web vpn - http://www.cisco.com/en/US/products/ps6120/products_configuration_example09186a008067e9ff.shtml
*** http://www.cisco.com/en/US/products/ps6120/products_configuration_example09186a00806ea271.shtml
...Is that available on Cisco PIX too?
Where did the PIX come from? I was under the impression you had an ASA.
2. Is IAS Microsoft's implementation of RADIUS, and if so, is it only available on Enterprise and Datacenter editions?
Yes - it's a Windows component - Add/Remove Programs - Windows Components... http://technet.microsoft.com/en-us/library/cc781690(WS.10).aspx
ASKER
"Where did the PIX come from",
Well, we have two PIX firewalls at two other sites and I was wondering if I could use them the same way.
Any progress?
ASKER
I am almost there. I should have an update soon.
http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_configuration_example09186a00806de37e.shtml
http://crazyvlan.blogspot.com/2008/02/vpn-and-radius-with-cisco-asa-and.html