Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
279
Views
0
Helpful
1
Replies

RA VPN with ASA, AAA, and Radius

branfarm1
Level 4
Level 4

‎12-19-2008 07:45 AM

Hi there,

Is there a way to configure separate AAA groups using Radius for VPN authentication vs device authentication? I currently have my ASA configured with AAA using Radius, and I have no problems with that functionality. I'm using IAS/NPS on Windows Server, and I've created an AD security group to permission users who should be able to login to the device for administrative purposes. I want to be able to use a seperate AD security group for VPN users though. Is this possible?

Thanks in advance,

--Brandon

Labels:
0 Helpful
1 Reply 1

JORGE RODRIGUEZ
Level 10
Level 10

‎12-19-2008 12:58 PM

Brandon,

I think I understand your question and requirements, but please correct me if Im wrong.

I believe your requirements resambles ASA feature intruduce in 8.0 code called Dynamic access Policies , in short (DAP).

Have a complete look at this feature, but I believe this could be one solution for what u need to accompish.

http://www.cisco.com/en/US/products/ps6120/products_white_paper09186a00809fcf38.shtml

Regards

Jorge Rodriguez
0 Helpful
Customers Also Viewed These Support Documents