Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

User group assignment from RSA SecurID RADIUS server

Hello

I am trying to configure an ASA (ver 7.2) for VPN remote access using RSA SecurID for authentication.

My goal is to duplicate a setup that has been in place for years in our Nortel Contivity VPN concentrators. How the access works now:

1) Users open VPN connections to Contivity.

2) Authentication requests are passed to RSA SecureID ACE servers configured to use RADIUS protocol. Each user name is assigned in the RSA server to a user group.

3) The RSA server accepts the user, and returns the corresponding user group ID.

4) User groups are also defined in Contivity, and each group has a filter. The access for each user is restricted based on the user group returned by the RSA server.

Can I achieve the same result using Cisco ASA appliances? I cannot find documentation on how users can be assigned dynamically to a tunnel group based on attributes returned by the RSA RADIUS server.

Thank you,

Cristian

2 REPLIES
Silver

Re: User group assignment from RSA SecurID RADIUS server

New Member

Re: User group assignment from RSA SecurID RADIUS server

Thank you very much.

I will give it a try as soon as I have access again to the lab.

Cristian

298
Views
0
Helpful
2
Replies
CreatePlease login to create content