I have found various articles that state completely different things about what can and cannot be done using Radius authentication on a PIX or ASA.
Can someone provide me with a definitive answer on what my options are or point me to a good whitepaper or 2?
Ideally I would like to have 2 groups of internal users 1 group would be able to VPN in and have view only access to my pix's and routers the second group would be able to vpn in and have admin rights to the pix's and routers, from what I have read this is possible.
I would like to have my admin users to have level 15 access when they login without having to enter a shared password or using their password a second time. I don't think having to enter your own password 2 times is so bad but how would I prevent veiw only users from being able to type "enable" and reenter their AD password to get admin rights.