LDAP AUTHENTICATION IN CISCO ASA FOR CISCO CLIENT VPN
Posted on 2010-04-05
I am trying to set up LDAP authentication for client VPN based on the dial-in permission enabled in AD.
I have successfully configured the AD servers in AAA and am able to do a test authorization and authentication to these servers from the ASA.
I have also configured LDAP attribute mapping.
However, I am not able to fetch the msNPAllowDialin attribute through an LDAP query.
For testing, I ran debug ldap 255 in the console and tried testing authorization/authentication for an AD account. I was able to see various parameters like memberOf, proxyAddresses, displayName, etc. listed with their values, but I don't see the msNPAllowDialin attribute.
Do I need to make any changes in the ASA or on my LDAP server?
ASA Model - Cisco 5510, Version 8.0(4)33
LDAP - Windows 2003 Server