Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 
Community Member

ASA local database authentication

Hi, all

The problem is that I want to configure a local database on the ASA in order to authenticate WebVPN users, but it looks like ASA is using the same database for authenticating users for SSH access. Is there any way to define which users are going to be authenticated only for WebVPN and not for SSH?

Community Member

Re: ASA local database authentication

I thought it could be done under "username testuser attributes" command, but it seems there is no such an option.

Re: ASA local database authentication

even i had the same problem, let i had come to know that user will need to authentication via the users created locally for logging in to the device, in such case, i would advice you to login via TACACS, that would be really helpful to track the users who ever logs in via VPN.

Community Member

Re: ASA local database authentication

Actually, I don't want to use TACACS+ for user authentication, because there's going to be only 7-10 WebVPN users, so deploying TACACS+ server doesn't make any sense. But I was really surprised when I found that there's no any possibility to determine which users are only for WebVPN access and which are only for SSH access.

CreatePlease to create content