RADIUS Authentication, PPTP users to be in differnet groups on a 3030?

Unanswered Question
Oct 8th, 2007

Is it possible to use Radius for PPTP authentication have still have the user be in a PPTP group (not the base group)? I have about 30 groups and all are IPSEC and I have a need to allow a few PPTP users but I can't figure out how to put them in a group without either using internal user lists, or having them in the base group. Is there any way to do this using RADIUS as my authentication method? (ACS)

Also, second question, is it possible to have PPTP users authenticate with SecurID?


I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Anonymous (not verified) Fri, 10/12/2007 - 14:08

This concept apllies to VPN 3000, Check if it the same for 3030. Define a group say for example finance on the internal database of the concentrator and attributes for this group are defined. In the General tab the group finance , make sure the Strip Realm attribute is checked. Users for this group will externally authenticated via a RADIUS server. The user specifies a string [email protected] in our case username @finance (the @realm part identifies the group name to which PPTP user belongs). Concentrator just passes the username infmromation alone stripping of the group name. If the user is authenticated he is assinged the attriubtes.


This Discussion