Remote Access VPN Authentication via AD Groups
Posted on 2014-04-03
Need to use AD to define which users can gain access via the remote Access VPN client. Users are using the IPsec VPN client to gain access to the network and the ASA has a radius server configured pointing to the DC, which also has the NPS role Installed. I would like to use a specific group in AD to filter who has access.
Can someone guide me on how this can be achieved as I have tried creating separate connections request policy and network policy with one specific AD group defined, but it doesnt work.
There is already one (looks like default) connection request policy called Use Windows Authentication for all users.
I have read that I can set up the same server as LDAP server on the ASA and use the ASA to query AD somehow but wanted to ask if someone can help without doing this as will be so much easier.