ASA 8.0 - SSL VPN Radius VSA

Unanswered Question
Jun 26th, 2007
User Badges:


I'm trying to configure RADIUS to authenticate users and tell ASA which Tunnle Group they should use.

The RADIUS server is an ACS 4.0 with connection to an external database which is MS Active Directory.

The authentication works but I'm having trouble in determining which is the RADIUS VSA I should use to send the Tunnel Group info to the ASA.

At this momento I'm using RADIUS (Cisco VPN 3000/ASA/PIX 7.x+) and the avpair [026/3076/085] Tunnel-Group-Lock. Here, I'm specifuing the corresponding Tunnel Group.

The ASA seems to ignore this av because the user is always put in DefaultWebVPNGroup Tunnel Group.

Any idea?

Thanks in advance

Paulo Vasconcelos

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)


This Discussion