ASA local database authentication

Unanswered Question
Aug 8th, 2007
User Badges:

Hi, all

The problem is that I want to configure a local database on the ASA in order to authenticate WebVPN users, but it looks like ASA is using the same database for authenticating users for SSH access. Is there any way to define which users are going to be authenticated only for WebVPN and not for SSH?

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
saiiven07 Thu, 08/09/2007 - 02:32
User Badges:

I thought it could be done under "username testuser attributes" command, but it seems there is no such an option.

Anand Narayana Sun, 08/12/2007 - 21:34
User Badges:
  • Silver, 250 points or more

even i had the same problem, let i had come to know that user will need to authentication via the users created locally for logging in to the device, in such case, i would advice you to login via TACACS, that would be really helpful to track the users who ever logs in via VPN.

saiiven07 Mon, 08/13/2007 - 11:23
User Badges:

Actually, I don't want to use TACACS+ for user authentication, because there's going to be only 7-10 WebVPN users, so deploying TACACS+ server doesn't make any sense. But I was really surprised when I found that there's no any possibility to determine which users are only for WebVPN access and which are only for SSH access.


This Discussion