Features comparison between AAA server and VPN 3000 concentrator user auth.
Is it necessary to have AAA server (CSACS) for VPN 3000 concentrator remote access VPN users or the options available in the VPN concentrator are enough to have better authentication ,user netweok access levels , bandwidth assignment for each user,Timebased access and others.
Could you explain in what way AAA server gives scalbility and manageability in terms of AAA functionality.
Re: Features comparison between AAA server and VPN 3000 concentr
I believe there is a limit to the number of users that can be configured locally on the VPN concentrator. The number 100 comes to mind.
I've found that it works best to configure the groups locally on the concentrator, and use the AAA server for user authentication. I've tried configuring the groups on my ACS servers, but keeping up with new attributes introduced with new releases of concentrator code became an issue, and there wasn't really much benefit that I could see.
By using AAA for the user accounts, I'm able to greatly reduce administrative overhead by tying the authentication to our Windows domain. Granting VPN access is now just a simple matter of adding the domain user to the appropriate VPN collection within active directory.
DocumentationCode download linksGoalRequirementLimitationsSupported ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and UCS-E Blades:Step by Step ConfigurationConfigure one of the connectivity options to access the Cisco IMC from the n...
Firepower Threat Defense (NGFWv) on UCS E-series - Transparent Mode in HA
DocumentationCode download linksGoalRequirementLimitationsSupported ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and UCS-E Blades:Step by Step ConfigurationCo...
I am currently unable to specify "crypto keyring" command when configuring VPN connection on my cisco 2901 router.
The following licenses have been activated on my router :