Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

vpn 3000 radius + internal database

Hello,

i think this question is too obvious for most of you, but here it goes...

We have defined a group that authenticates users in a external Radius with success...but now we need to add some internal users to have this same profile (maybe same group??) and authenticate , but internally..

is that possible???

thank you in advance,

3 REPLIES

Re: vpn 3000 radius + internal database

Ismael, according to this document yes it is feasable to use internal user database for user authentication through its local database.. please refer to this doc.. you can have up to 100 groups or 100 users in the internal database but that does not exceed 100 in combination of both groups and users in vpn 3005/30015, the number for local database groups and users is 1000 for vpn3060 and 3080.

Basic configuration

http://www.cisco.com/en/US/products/hw/vpndevc/ps2284/products_getting_started_guide_chapter09186a008015cfd5.html

FAQ

http://www.cisco.com/en/US/products/hw/vpndevc/ps2284/products_qanda_item09186a0080094cf4.shtml

HTH

Jorge

pls rate any helpful post if it helps!

New Member

Re: vpn 3000 radius + internal database

yes, it is feasible to use internal database, but..is it possible that a user called, let's say ciscouser, first try to authenticate against RADIUS, and if it fails there, try to authenticate as last resort in internal database???

thank you..

Re: vpn 3000 radius + internal database

It shouldn't because when you create a newvpn group,you will explicitely indicate in the new group configuration that the method of auth be internal but RADIUS,best is to create the new group, new user in internal database and test it.

HTH

Jorge

111
Views
0
Helpful
3
Replies