I'm in the process of evalutating RSA SecureID and Radius server verision 6.1 In order for my new VPN Client to use RSA for Radius Authentication.
I have to move the order of RSA Authentication server to the top of the list of authentication servers on the Cisco 3000. When I do that, the existing Cisco VPN clients dont work (members of a different group authorizing to Cisco ACE)
If I move the RSA Radius server further down the list, the Cisco VPN clients work authenticating to ACE but the SecureID group authenticating to RSA on the Cisco VPN client fails.
Is there a way so that no matter which order the Radius servers are setup on the Cisco 3000, that the client will find the right Radius server dependent on what group is defined on the Cisco VPN client?