VPN ASA - use loca authentication or radius server

Unanswered Question
Aug 2nd, 2007

Hi,

I use local authentication for the remote VPN access on an ASA. I want to know if it?s necessary to use a radius server for more security. Is there more security to use a radius server instead a local authentication?

I'm new please help me.

Regards,

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Jon Marshall Thu, 08/02/2007 - 04:26

Hi

There are good reasons to use a radius server

1) Integration with AD if that is what you want. This means your users can log in to the vpn using their Windows logon.

2) Ease of management. If you have multiple firewalls/routers etc. it is a lot easier to have a centralised user database than to have to update each device.

3) Physical security. Having the user database separate from your firewall increases your level of security.

4) More secure options. You could look to use secure tokens etc. although the ASA will talk natively to a SecurID server.

HTH

Jon

Actions

This Discussion