Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Authentication control on different VPN concentrators

Hi there,

I have two VPN 3000 concnetrators(concentrator A and concentrator B), one ACE server and one ACS server. The customer wants that some of the users can only logon to concentrator A, but fail to concentrator B. On the other hand, some of the other users can logon to both concentrator A and B. All those users have been distributed with a Secure ID. May I ask that is it possible to achieve this? And would u give me suggestion on how to achieve it?

thanks a lot

David

2 REPLIES
New Member

Re: Authentication control on different VPN concentrators

Under IPSec Parameters > Authentication, select the method you use for user authentication; e.g., external. Be sure to configure the external authentication server appropriately and supply users with the appropriate entries.

New Member

Re: Authentication control on different VPN concentrators

Separate Groups? I think you can use 2 groups. "some of the users" use the group-A (generated only in the cont-A), "some of the other users" use the group-B (generated in cont-A and cont-B, too).

I suppose the "some of the users" dont know the group-B parameters.

hi,

LL

87
Views
0
Helpful
2
Replies
CreatePlease login to create content