Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1335
Views
3
Helpful
3
Replies

PIX VPN with RADIUS Authentication

gparrish
Level 1
Level 1

‎09-11-2003 06:03 PM - edited ‎02-21-2020 10:08 AM

If I am using the Win2k Radius server to authenticate users via the Active Directory domain do I still need the Cisco ACS software to work between these or can the PIX talk and authenticate directly to the Radius server in Windows?

Thanks,

Greg

Labels:
0 Helpful
3 Replies 3

gfullage
Cisco Employee
Cisco Employee

‎09-11-2003 10:01 PM

The PIX will talk directly to any Radius server. Radius is a standard, so as long as the server conforms to the standard (which MS does), then the PIX will get along quite well with it. It doesn't matter that the MS Radius server is authenticating users out of AD, the communication between the PIX and the Radius server is still Radius.

0 Helpful

gparrish
Level 1
Level 1
In response to gfullage

‎09-12-2003 01:59 AM

So when is the Cisco ACS server required or what is the added bnefit it might provide since it is not required? Is it just another RADIUS server?

Thanks,

Greg

0 Helpful

bdube
Level 2
Level 2
In response to gparrish

‎09-12-2003 04:03 AM

From a discussion with my colleague occured some months ago, you have more flexibility and option with TACACS (ACS) than Radius. If my memory is good, the difference is mainly about authorization functions which is more complete and flexible with TACACS.

See also:

http://www.easynet.de/tacacs-faq/tacacs-faq-7.html

Ben

Customers Also Viewed These Support Documents