This seems to be 2 level authentication with VPN solutions. This is more secure. Actually, the first time you login, RADIUS authenticates you, the VPN connection is established. Later after this, for each service, once again you will be prompted for authentication to login for the individual services like ftp and others. This makes it more secure. The second/service level authentication can be disabled locally on the PIX. But this could not be very secure.