Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

Cisco Employee

ASA to PIX 525 site-site vpn. Need to authenticate mgmt users via ACS

Hi All,

A customer has the following setup.

An ASA (running 7.1) at the client side has a site-to-site VPN to a headend PIX 525.

The VPN tunnel connects two private networks at either ends using static NAT.

There is an ACS at the headend location.

Network admins logging into remote ASA should be authenticated against the ACS server at headend. ASA is configured to use RADIUS. Basically, the RADIUS traffic should flow over the tunnel into the ACS at headend.

This is not working. However, traffic generated behind the ASA goes over the tunnel correctly.

Also, an administrator who has logged into the ASA box cannot ping the ACS server (which is pingable from behind the ASA).

Any pointers?

Thanks,

Ganesh

105
Views
0
Helpful
0
Replies
CreatePlease login to create content