Cisco ISA570W Integrated Security Appliance Quick Start Guide
© 2012 Cisco Systems, Inc. All rights reserved.
Configuring the Cisco ISA500 for Active Directory/LDAP and
RADIUS Authentication
This application note describes how to authenticate users on a Cisco ISA500 Series security appliance. It
includes these sections:
•
•
•
•
User authentication is a way of identifying the user and verifying that the user is allowed to access
restricted services. With authentication, a user can log in to the network from any computer but can
access only those resources for which they are authorized.
You can configure the ISA500 as a local authentication server, or choose from one or more
authentication server types such as the Lightweight Directory Access Protocol (LDAP), or RADIUS
servers as shown here.
Configuring Active Directory/LDAP Authentication
This section describes how to configure authentication using Active Directory through LDAP for the
ISA500. It includes these sections:
•
•
http://www.cisco.com/en/US/products/ps8411/tsd_products_support_series_home.html
Configuring an Active Directory Server
Active Directory (AD) is the Microsoft Windows-based application of an LDAP directory structure. Active
Directory lets you expand the concept of domain hierarchy used in DNS to an organizational level and
keeps information and settings in a central, easy-to-access database.
You can configure an Active Directory server so that SSL VPN Clients can authenticate to the ISA500
with their current network credentials.
Figure 1 shows the ISA500 in an Active Directory topology.