

- HELP WITH SETTING UP MILITARY CAC CARD READER FOR MAC HOW TO
See Appendix D on how to check LDAP objects in MS. See Appendix A for LDAP & Dynamic Access Policy mapping examples for additional policy enforcement. The ASA image required is at least 8.0.2.19 and ASDM 6.0.2. For example, use port 445 for ASDM and leave 443 for AC/SSL VPN. It is recommended to change the ports on one or the other to gain access. The sections highlighted in BLUE are advanced features that can be included to add more security to the design. ASDM and AnyConnect/SSL VPN cannot use the same ports on the same interface. DoD mandates OCSP checking but the tunnel works without OCSP configured. For example, a VPN tunnel can be set up with the CAC card without doing OCSP checks, LDAP mappings and Dynamic Access Policy (DAP) checks. The sections highlighted in RED are mandatory configurations needed for basic VPN access. Refer to Multifunction Security Appliances for more information. It is assumed that the network operator is familiar with these configurations.

This guide does NOT cover basic configurations such as interfaces, DNS, NTP, routing, device access, ASDM access and so forth. The CAC certificate is used for authentication and the User Principal Name (UPN) attribute in the certificate is populated in Active Directory for authorization. It covers the necessary steps in order to deploy a VPN remote access tunnel through an SSL AnyConnect connection. This section covers the configuration of Cisco ASA via ASDM. Refer to the Cisco Technical Tips Conventions for more information on document conventions. If your network is live, make sure that you understand the potential impact of any command. All of the devices used in this document started with a cleared (default) configuration. The information in this document was created from the devices in a specific lab environment.
The information in this document is based on these software and hardware versions:

- Cisco 5500 Series Adaptive Security Appliance (ASA) that runs the software version 8.0(x) and later
- Cisco Adaptive Security Device Manager (ASDM) version 6.x for ASA 8.x
- Cisco AnyConnect VPN Client 2.2 with MAC Support

Familiarity with AD group membership, user properties as well as LDAP objects helps in the correlation of the authorization process between certificate attributes and AD/LDAP objects.

Prerequisites: Requirements

A basic understanding of Cisco ASA, Cisco AnyConnect Client, Microsoft AD/LDAP and Public Key Infrastructure (PKI) is beneficial in the comprehension of the complete setup. This document also covers advanced features such as OCSP, LDAP attribute maps and Dynamic Access Policies (DAP).

The configuration in this guide uses Microsoft AD/LDAP server. The scope of this document is to cover the configuration of Cisco ASA with Adaptive Security Device Manager (ASDM), Cisco AnyConnect VPN Client and Microsoft Active Directory (AD)/Lightweight Directory Access Protocol (LDAP).
To use your CAC with your computer, you’ll still need to download the appropriate drivers (in some cases) as well as the necessary DOD certificates. This document provides a sample configuration on Cisco Adaptive Security Appliance (ASA) for AnyConnect VPN remote access for MAC Support with the Common Access Card (CAC) for authentication.
However, depending on the level of your operating systems, you may need to install a driver. Opluz Multi-Function Smart Card Reader works on Windows, Mac, and Linux. The use of this program is not supported here for Apple operating systems, as it is not required for Leopard or Snow Leopard.' Can someone please help if it is possible to set up a Mac for CAC use? The program is available for purchase through the manufacturer, and is not available for download from DoD.
It was offered for the “Tiger” release (MAC OS X 10.4.9) and is not compatible with Leopard or Snow Leopard (the current release of MAC OS X (10.6.X)). I have not been able to find out how to in any search. According to 'ActivClient is a middleware program used by the DoD to facilitate the cross talk between Windows computers and your Common Access Card. I have been trying to set up a CAC Card Reader (SCR331) for use with my military I.D. I have an iMac with the following specs, Model Name: iMac, Model Identifier: iMac9,1, Processor Name: Intel Core 2 Duo, Processor Speed: 2.66 GHz, OS X 10.5.8
