Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

Super Bronze

Authentication and group matching in IOS IPSec VPN

Hi,

We have aquired IPsec VPN SPA modules for future IPsec VPN Client and L2L VPN implementations.

My question is about the authentication of VPN Clients

Is there a way to keep a local database on the actual device and match local usernames to certain VPN Groups? Or will all usernames configured on the local device be able to log on to any of the configured VPN groups if they happen to have the group name and key?

Would we have to use a separate AAA server to accomplish the "user to group" matching or can it be achieved on the actual device itself where the VPN modules are installed?

Any help or reference to some material would be appriciated

JF

1 REPLY
New Member

Re: Authentication and group matching in IOS IPSec VPN

You are able to lock down user accounts on the local device to certain tunnel groups.

204
Views
0
Helpful
1
Replies