locked
NPS and Cisco ASA 5510 - AnyConnect Certificate based authentication RRS feed

  • Question

  • Hi everyone,

    Hoping someone can help please.

    We're trying to go for a single VPN solution at our company, as we currently have a few through, when buying other companies.

    We're currently running a 2008 R2 domain, so we're looking at NPS and we have Cisco ASA 5510 devices for the VPN side.

    What we would like to achieve, is certificate based authentication. So, user laptop has certificate applied via group policy based on domain membership and group settings, then user goes home. They connect via Cisco AnyConnect via the Cisco ASA 5510 and then that talks to MS 2008 R2 NPS and authenticates for VPN access and following that, network connectivity.

    Has anyone implemented this before and if so, are there any guides available please?

    Many Thanks,
    Dean.

    Wednesday, May 2, 2012 9:40 AM

Answers

  • Hi Dean,

    Thanks for posting here.

    Yes, this is possible . But we have guide about a sample that using Windows based server (RRAS) to act as VPN server and working with Windows RADIUS/NPS server and use certificate based authentication method (Extensible Authentication Protocol-Transport Layer Security (EAP-TLS) or PEAP-TLS without smart cards) for reference :

    Checklist: Configure NPS for Dial-Up and VPN Access

    http://technet.microsoft.com/en-us/library/cc754114.aspx

    Thanks.

    Tiger Li


    Tiger Li

    TechNet Community Support

    Friday, May 4, 2012 6:34 AM

All replies

  • Hi Dean,

    Thanks for posting here.

    Yes, this is possible . But we have guide about a sample that using Windows based server (RRAS) to act as VPN server and working with Windows RADIUS/NPS server and use certificate based authentication method (Extensible Authentication Protocol-Transport Layer Security (EAP-TLS) or PEAP-TLS without smart cards) for reference :

    Checklist: Configure NPS for Dial-Up and VPN Access

    http://technet.microsoft.com/en-us/library/cc754114.aspx

    Thanks.

    Tiger Li


    Tiger Li

    TechNet Community Support

    Friday, May 4, 2012 6:34 AM
  • HI Dean,

     Have you find the solution?

    As 

    Wednesday, August 27, 2014 10:14 PM