1-6
Cisco ASA Series CLI Configuration Guide
Chapter 1 Configuring the Identity Firewall
Information About the Identity Firewall
Figure 1-5 shows a WAN-based deployment to support a remote site. The Active Directory server and
the AD Agent are installed on the main site LAN. The clients are located at a remote site and connect to
the Identity Firewall components over a WAN.
Figure 1-5 WAN-based Deployment
Figure 1-6 also shows a WAN-based deployment to support a remote site. The Active Directory server
is installed on the main site LAN. However, the AD Agent is installed and access by the clients at the
remote site. The remote clients connect to the Active Directory servers at the main site over a WAN.
Figure 1-6 WAN-based Deployment with Remote AD Agent
Figure 1-7 shows an expanded remote site installation. An AD Agent and Active Directory servers are
installed at the remote site. The clients access these components locally when logging into network
resources located at the main site. The remote Active Directory server must synchronize its data with the
central Active Directory servers located at the main site.
Client
ASA
AD Servers
304008
Remote Site Enterprise Main Site
NetBIOS Probe
Login/Authentication
mkg.example.com
10.1.1.2
WAN
AD Agent
WMI
RADIUS
LDAP
Client
ASA
AD ServersAD Agent
304006
Remote Site Enterprise Main Site
RADIUS
mkg.example.com
10.1.1.2
WMI
Login/Authentication
LDAP
WAN
To Next Page
Loading...
Need help?
General
