Cisco ISA570 Integrated Security Appliance Quick Setup Guide

© 2012 Cisco Systems, Inc. All rights reserved.
Configuring the Cisco ISA500 for Active Directory/LDAP and RADIUS Authentication
This application note describes how to authenticate users on a Cisco ISA500 Series security appliance. It 
includes these sections:
User authentication is a way of identifying the user and verifying that the user is allowed to access 
restricted services. With authentication, a user can log in to the network from any computer but can 
access only those resources for which they are authorized.
You can configure the ISA500 as a local authentication server, or choose from one or more 
authentication server types, such as Lightweight Directory Access Protocol (LDAP) or RADIUS 
servers, as shown here.
Configuring Active Directory/LDAP Authentication
This section describes how to configure authentication using Active Directory through LDAP for the 
ISA500. It includes these sections:
http://www.cisco.com/en/US/products/ps8411/tsd_products_support_series_home.html
Configuring an Active Directory Server
Active Directory (AD) is the Microsoft Windows-based application of an LDAP directory structure. Active 
Directory lets you expand the concept of domain hierarchy used in DNS to an organizational level and 
keeps information and settings in a central, easy-to-access database. 
You can configure an Active Directory server so that SSL VPN Clients can authenticate to the ISA500 
with their current network credentials. 
Figure 1 shows the ISA500 in an Active Directory topology.