Authenticate VPN3k-clients against AD group


Is there a way to restrict VPN3000 client authentication to a specific group i Active Directory?

Authentication agains AD work but then you can authenticate with ANY user-account in AD. I'm able to restrict authentication to a group in the AD if I authenticate thru a RADIUS-server.

The problem is that I don't want to use RADIUS when the only function I call for is to only allow users in a specific group in the AD to be authenticated in the VPN3k concentrator.

Thankful for any advise.

Regards, Robert

Reply to
Loading thread data ...

Microsoft IAS (radius server available on Windows Server) allows you to prequalify or match user membership with a specific "Windows Domain" (as well as other radius attributes like NAS-IP-Address).

Reply to
kodo Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.