Cisco Support Community
New Member

Site-to-site vpn user authentication

I have perused the networking forum looking for information on authenticating users traversing a PIX-PIX VPN tunnel. I have seen several threads discussing remote IPSec client authentication using RADIUS/ACS/RSA servers, but have not found much, if any, information on site-to-site VPNs.

Can users traversing a site-to-site (PIX-PIX) VPN tunnel be authenticated against either a local (PIX) database or an internal RADIUS server?

Further to that, are the (site-to-site or remote) users challenged for each service (Mail, FTP, Telnet, HTTP, etc.) that they try to access? Or can they be authenticated once and then permitted access to all services? Can other services be challenged as well?

Any info or URLs would be greatly appreciated.

Thank You,

Dan

1 REPLY
Silver

Re: Site-to-site vpn user authentication

You may want to use aaa authentication using TACACS/RADIUS servers to authenticate users. However, site-to-site VPNs generally do not deploy user authentication methods. Here is a document describing configuring authentication on the PIX and another one on the site-to-site VPNs. Hope they are of help.

http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_tech_note09186a0080094ea9.shtml

http://www.cisco.com/warp/public/779/largeent/avvid/vpn_srnd.pdf
