Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
434
Views
0
Helpful
1
Replies

user Authentication using radius

amardram123
Level 1
Level 1

‎04-28-2010 06:58 AM - edited ‎03-11-2019 10:38 AM

Dear All,

Need suggestion on below requirment:

requirment:

User who will access network devices for managment purpose should be authenticated through tacacs(ACS server 1113)  and user who will access lan resources/application should be authenticated through Radius server.

I have a ACS 1113 appliance.

1. I have a firewall do i need to point it to radius server(windows server) directly for user authentication or to acs server for radius authentication?

2. If i need to point acs server how acs server will redirect the request to actual RADIUS server.

Regards

Amar

Labels:
0 Helpful
1 Reply 1

Jennifer Halim
Cisco Employee
Cisco Employee

‎04-29-2010 05:03 AM

You can configure 2 aaa-server, one radius server and the other tacacs server.

For management, you can configure the following to refer to the tacacs server:

aaa authentication http console

http://www.cisco.com/en/US/docs/security/asa/asa80/command/reference/a1.html#wp1535834

I assume when you mention for user who wants to access internal LAN, it will be authentication for the vpn client connection? If that is correct, then you can assign the aaa-server under tunnel-group:

http://www.cisco.com/en/US/docs/security/asa/asa80/command/reference/a2.html#wp1629625

Hope that helps.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card