Cisco ASA 5505 User Manual
Page 718
36-6
Cisco ASA 5500 Series Configuration Guide using the CLI
Chapter 36 Configuring the Identity Firewall
Information About the Identity Firewall
shows a WAN-based deployment to support a remote site. The Active Directory server and
the AD Agent are installed on the main site LAN. The clients are located at a remote site and connect to
the Identity Firewall components over a WAN.
Figure 36-5
WAN-based Deployment
also shows a WAN-based deployment to support a remote site. The Active Directory server
is installed on the main site LAN. However, the AD Agent is installed and access by the clients at the
remote site. The remote clients connect to the Active Directory servers at the main site over a WAN.
Figure 36-6
WAN-based Deployment with Remote AD Agent
shows an expanded remote site installation. An AD Agent and Active Directory servers are
installed at the remote site. The clients access these components locally when logging into network
resources located at the main site. The remote Active Directory server must synchronize its data with the
central Active Directory servers located at the main site.
Enterprise Main Site
xxxxxx
ASA
AD Servers
AD Agent
mktg.sample.com
10.1.1.2
WMI
LD
AP
RADIU
S
NetBIOS Probe
Client
Remote Site
WAN
AD
Agent
Login/Authentication
Enterprise Main Site
xxxxxx
ASA
AD Servers
mktg.sample.com
10.1.1.2
RADIUS
Client
Remote Site
Login/Authentication
AD
Agent
AD Agent
LD
AP
WMI
WAN