Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

Authentication of users from the remote end of the site-to-site VPN tunnel

Hi,

We have a site-to-site VPN tunnel created between two sites using two PIX's running version 6.1(1) software.

We want the users from the remote network to be authenticated using RADIUS / TACACS+ server before they can access the network (for any IP traffic, not just http, ftp or telnet).

Any ideas?

3 REPLIES
New Member

Re: Authentication of users from the remote end of the site-to-s

http://www.cisco.com/warp/public/110/pixcryaaa52.shtml will show you how to setup xauth.

New Member

Re: Authentication of users from the remote end of the site-to-s

I was referring to User Authentication in site-to-site VPN scenario and not in Remote Access VPN scenario.

New Member

Re: Authentication of users from the remote end of the site-to-s

The PIX can only proxy authenticate for HTTP, telnet or ftp. You’ll have to use that (or virtual HTTP) to have your user authenticate against and then, once authenticated, any additional conduits will open for that user. Use aaa authentication inbound/outbound ANY but have the user authenticate against one of the supported authentication protocols.

90
Views
0
Helpful
3
Replies
CreatePlease to create content