Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

RADIUS based AAA for remote access tunnel groups (remote access VPN users)

Hi,

How would I go about configuring RADIUS based AAA for remote access VPN users?  I have an OSX RADIUS server and an ASA 5510

I think I need to configure something like:

aaa-server RADIUS-GROUP protocol radius

aaa-server RADIUS-GROUP (inside) A.B.C.D

     key KEYNAME

(I want to keep console and SSH using LOCAL, so I keep this: "aaa authentication ssh console LOCAL", right?)

What does the rest of the config look like to get RADIUS based AAA for remote access VPN users?

Thanks

1 ACCEPTED SOLUTION

Accepted Solutions

RADIUS based AAA for remote access tunnel groups (remote access

Hi Greg,

Along with the above commands, you need to configure server-group in the 'tunnel-group type general-attributes.

!

'tunnel-group type general-attributes

authentication-server-group RADIUS-SERVER

!

hth

MS

4 REPLIES

RADIUS based AAA for remote access tunnel groups (remote access

Hello Greg,

Ssh question? Yes, with the LOCAL you are going to keep it with the database.

Remote access VPN Users ( Web clients) question?

aaa authentication secure-http-client
aaa authentication include https outside 60.60.60.60 255.255.255.255 Radius_server


Please rate helpful posts,

Julio
Looking for some Networking Assistance? Contact me directly at jcarvaja@laguiadelnetworking.com I will fix your problem ASAP. Cheers, Julio Carvajal Segura http://laguiadelnetworking.com
New Member

RADIUS based AAA for remote access tunnel groups (remote access

Actually, I was looking for the configuration for standalone VPN client remote access users, not web client users. Thanks.

RADIUS based AAA for remote access tunnel groups (remote access

Hi Greg,

Along with the above commands, you need to configure server-group in the 'tunnel-group type general-attributes.

!

'tunnel-group type general-attributes

authentication-server-group RADIUS-SERVER

!

hth

MS

New Member

RADIUS based AAA for remote access tunnel groups (remote access

Thanks MS!  is there a way to configure back-up AAA using the locally configured info if the RADIUS server goes off line?

Would it look something like?

!

'tunnel-group type general-attributes

authentication-server-group RADIUS-SERVER LOCAL

!

840
Views
0
Helpful
4
Replies