Quick Note: All of the conclusions below were based off of my individual findings dealing with Vue and my cable provider. But I used some parts of pfSense that a lot of people talk about, and I thought it would be good to put it on paper for others to find. For all of the pfSense examples below I am using pfSense 2.4.0-BETA on a Netgate SG-1000. The Issue: When the decision to cut the cord was made, it was with much excitement about the upcoming experimenting with different content providers.
The Request: I have a client with a data center, a headquarters/DR site, and a lot of branches spread out all over the world with Internet connectivity. They are currently using static IPSEC Internet-facing VPNs to connect to their data center and HQ environments, but the company is hitting a growth spurt and they are quickly realizing this solution is becoming difficult to scale and manage with their limited in-house IT staff.
The Request: Now that Cisco has included SSL VPN licensing as part of the 15.3(3)M IOS, I have had multiple clients ask about turning on the capability and reaching back into Active Directory for authentication. The Solution: The equipment I used to lab this solution: Cisco 881 w/ IOS 15.3(3)M3 (10.0.1.238); Windows Server 2008 R2 (10.0.1.231). First we will go through the steps to configure the RADIUS server on Windows so we have access to Active Directory for authentication.
The Request: Two new Nexus 7Ks have been installed at one of my client’s data centers. Management connectivity was brought up to the data center core and verified. I was given console access and told to configure TACACS+ authentication and authorization on the F2 VDC2. The Solution: Configuring TACACS+ on the Nexus 7K is totally different than on IOS and even different than on the Nexus 5K equipment. It also requires a certain order of operations and there is one solid “gotcha” that most people run into.