Basic Active Directory and LDAP Configuration to Authenticate Cisco ASA VPN

asa01# aaa-server LDAPSERVERS protocol ldap
asa01 (config-aaa-server-group)# aaa-server LDAPSERVERS ([interfacename]) host [ipaddress]
asa01 (config-aaa-server-group)# ldap-base-dn DC=somedomain,DC=com,DC=au
asa01 (config-aaa-server-group)# ldap-scope subtree
asa01 (config-aaa-server-group)# ldap-naming-attribute sAMAccountName
asa01 (config-aaa-server-group)# ldap-login-password *****
asa01 (config-aaa-server-group)# ldap-login-dn CN=VPN_Account,OU=Users,DC=somedomain,DC=com,DC=au
asa01 (config-aaa-server-group)# server-type auto-detect

To verify your configuration:

asa01 (config-aaa-server-group)# test aaa-server authentication LDAPSERVERS host [IPAddress] username [someone] password [password]

This will return an INFO: Authentication Successful 🙂

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s