Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 507
  • Last Modified:

Cisco VPN Authentication with Windows 2008 DC

we upgraded our AD environment from 2003 to 2008 R2. Since then VPN Authentication has stopped working below is the config I have had in my asa with the 2003 environment that worked. Is there anything new with 2008 that needs added in the ASA?

aaa-server remoteaccess protocol nt
 max-failed-attempts 5
aaa-server remoteaccess (inside) host
 nt-auth-domain-controller kdc2
1 Solution
Ken BooneNetwork ConsultantCommented:
Well the problem is with 2008 everything changed.  Instead of IAS you now have NPS.  Here is a doc that talks about NPS.

Here is a link about NPS:


The main thing that needs to happen is to make sure your policy matches the security as far as the authentication types  i.e. chap, pap,etc.  Make sure you check unencrypted as well.  Its off by default.
DTADMIN, can you summarize what specifically you changed? I'm having what appears to be the same issue using 'protocol nt'.

I followed the link posted by KENBOONEJR, and installed NAP on our 2008 R2 server. What next?

Featured Post

Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Tackle projects and never again get stuck behind a technical roadblock.
Join Now