Cisco VPN Authentication with Windows 2008 DC

we upgraded our AD environment from 2003 to 2008 R2. Since then VPN Authentication has stopped working below is the config I have had in my asa with the 2003 environment that worked. Is there anything new with 2008 that needs added in the ASA?

aaa-server remoteaccess protocol nt
 max-failed-attempts 5
aaa-server remoteaccess (inside) host 10.1.200.16
 nt-auth-domain-controller kdc2
dtadminAsked:
Who is Participating?
 
Ken BooneNetwork ConsultantCommented:
Well the problem is with 2008 everything changed.  Instead of IAS you now have NPS.  Here is a doc that talks about NPS.

Here is a link about NPS:

http://www.windowsnetworking.com/articles_tutorials/Understanding-new-Windows-Server-2008-Network-Policy-Server.html

The main thing that needs to happen is to make sure your policy matches the security as far as the authentication types  i.e. chap, pap,etc.  Make sure you check unencrypted as well.  Its off by default.
0
 
Daniel_SchaferCommented:
DTADMIN, can you summarize what specifically you changed? I'm having what appears to be the same issue using 'protocol nt'.

I followed the link posted by KENBOONEJR, and installed NAP on our 2008 R2 server. What next?
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.