VPN ASA - use loca authentication or radius server

Unanswered Question
Aug 2nd, 2007
User Badges:


I use local authentication for the remote VPN access on an ASA. I want to know if it?s necessary to use a radius server for more security. Is there more security to use a radius server instead a local authentication?

I'm new please help me.


  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Jon Marshall Thu, 08/02/2007 - 04:26
User Badges:
  • Super Blue, 32500 points or more
  • Hall of Fame,

    Founding Member

  • Cisco Designated VIP,

    2017 LAN, WAN


There are good reasons to use a radius server

1) Integration with AD if that is what you want. This means your users can log in to the vpn using their Windows logon.

2) Ease of management. If you have multiple firewalls/routers etc. it is a lot easier to have a centralised user database than to have to update each device.

3) Physical security. Having the user database separate from your firewall increases your level of security.

4) More secure options. You could look to use secure tokens etc. although the ASA will talk natively to a SecurID server.




This Discussion