Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 
New Member

Config on Pix firewall un it

I can give some feed back to one of our

customers, and they are implementing two Cisco Pix 515, to act as Firewall's and VPN servers. They asked the question if you could setup multiple VPN profiles on the Pix to point to different authentication servers, ie one profile to a SecurID server, another to a Radius server, lets say. I know you can do it on the Concentrator, but I'm not sure on the PIX. Can you check that for me. Also if you can find any documentation that would be great. Thanks


Re: Config on Pix firewall un it

You can use the "vpngroup ... authentication-server ..." command to specify different AAA servers per vpn group, using either RADIUS or TACACS+. Is this what you need?

New Member

Re: Config on Pix firewall un it

Can that point to a Radius server and point to ScureID server.


Re: Config on Pix firewall un it

The PIX only supports RADIUS and TACACS+ as authentication protocols, so your SecurID server will need to use one of those to communicate with the PIX. The PIX does not support the SDI protocol that the VPN 3000 series does, so that's not an option.

CreatePlease to create content