Cisco Cisco ISA570 Integrated Security Appliance Quick Setup Guide
© 2012 Cisco Systems, Inc. All rights reserved.
Page 13 of 16
Step 5.
Click OK to save your settings.
You can now use Cisco AnyConnect to establish the SSL VPN tunnels.
Troubleshooting
This section contains information that helps you resolve problems you might encounter when configuring
the SSL VPN configuration. If Logging is enabled on the security appliance (Device Management >
Logs > Log Settings),
the SSL VPN configuration. If Logging is enabled on the security appliance (Device Management >
Logs > Log Settings),
you can use the information in the syslogs for troubleshooting purposes.
•
Why can’t I authenticate 802.1x clients with an Active Directory server?
Only a RADIUS server can be used for 802.1x authentication. An Active Directory server and the
local user database is not supported. Web Login, SSL VPN, IPsec Remote Access, and Captive
Portal can use either an external Active Directory or a RADIUS server or a local database.
local user database is not supported. Web Login, SSL VPN, IPsec Remote Access, and Captive
Portal can use either an external Active Directory or a RADIUS server or a local database.
•
Where should the Active Directory or RADIUS server be located, on the WAN side or the LAN
side?
side?
Either side, as long the server is reachable from the ISA500.
•
Besides Microsoft Active Directory server, what else can I use as an LDAP server?
The ISA500 supports three LDAP schemas; Microsoft Active Directory, RFC 2307 and RFC
2798. You can also use OpenLDAP (
2798. You can also use OpenLDAP (
/) or any other LDAP server which
support these schemas.