We have aquired IPsec VPN SPA modules for future IPsec VPN Client and L2L VPN implementations.
My question is about the authentication of VPN Clients
Is there a way to keep a local database on the actual device and match local usernames to certain VPN Groups? Or will all usernames configured on the local device be able to log on to any of the configured VPN groups if they happen to have the group name and key?
Would we have to use a separate AAA server to accomplish the "user to group" matching or can it be achieved on the actual device itself where the VPN modules are installed?
Any help or reference to some material would be appriciated