Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Need help configuring VPN client 5.0 with SDI authentication

I'm working on configuring a Pix 525 running OS ver 7.0(2) to accept a VPN client ver 5.0 with a RSA token for user authentication.

I have followed the instructions that I found on the RSA site but am confused as to where it's failing.

I've added the following lines to my configuration:

aaa-server RSAVPN protocol radius

aaa-server RSAVPN host

key *

tunnel-group RSAVPN type ipsec-ra

tunnel-group RSAVPN general-attributes

address-pool ippool authentication-server-group RSAVPN

tunnel-group RSAVPN ipsec-attributes

pre-shared-key *

This doesn't address how the RSA token is passed to the RSA server. I was told the RSA server uses RADIUS to validate the Pix as an authorized client hence the radius group.