I just passed mine with a pretty decent score.
I just focused on the basics and used a lot of the NetSim to practice
what I can't do in production at work. I felt it was fair exam. Of
course if I failed I might have thought differently.
Now the CCNP stuff is a different TAR ball.
Nicholas
For anyone with similar plans I got this one figured out.
Thanks,
nick
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Nicholas Weaver
Sent: Tuesday, December 11, 2007 5:08 PM
To: cisco-nsp@puck.nether.net
Subject: [c-nsp] Cisco ASA and LDAP (AD)
Has
Has anyone successfully implemented native LDAP from an ASA(8.0.3) to an
AD server for authorization? I am using SDI for authentication to a RSA
7 AM.
I cannot get the LDAP to work with my AD at all (SSL or Not)
I want to use DAP to lookup group membership via LDAP and apply policies
based on
http://www.internetworkexpert.com/
Nicholas Weaver
[EMAIL PROTECTED]
m: 817-914-6166
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Phil Bedard
Sent: Wednesday, October 24, 2007 12:46 PM
To: [EMAIL PROTECTED]
Cc: [EMAIL PROTECTED]; cisco-nsp
Yeah,
I basically use the IAS rule to define which group they belong to in
Active Directory and then pass back the RADIUS value to choose the
corresponding group I created in ASA. I had 3 different groups and it
worked great. I just make sure that the higher level groups are higher
in the rule
I have done this with Microsoft IAS and it works like a dream. I use it
to restrict VPN access to users that are members of specific Domain
groups. I can also stack the rules to allow for a group per group and
ACL's for Departments...etc.
I am using the new AnyConnect with an ASA 5520 running