Re: PIX 501 VPN Login

KeithAttreides_2 · ‎06-01-2006

Hello all,

How can I configure a vpn to a pix 501 to prompt the user for a username and password?

I am not using a RADIUS or TACACS+ server to provide AAA.

I just simply want to create users on the PIX, set a password on the PIX and then have them enter that username/password in order to allow the clients the ability to VPN into the private network.

Any help would be great as I have not been able to find any clear documentation on how to do this. Thanks.

cstepniewski · ‎06-01-2006

Somone could correct me but I think this is how you would do it...

Config t

username Password

vpngroup GROUPNAME authentication-server LOCAL

(as long as this command it in there: aaa-server LOCAL protocol local)

vpngroup GROUPNAME user-authentication

When they VPN in, it should try to authenticate them..

Please rate if it helps...

Thanks!

KeithAttreides_2 · ‎06-01-2006

I will give this a try.

Do I also need to configure the group before or does the

vpngroup GROUPNAME user-authentication

command do that for me?

Thanks. I will rate.

Vikas Saxena · ‎06-02-2006

Hello,

This command is one of the commands while you are defining the VPN group. So this command itself will not create the group.

You will require PIX code >= 6.3 otherwise username password command will not work. In summary local user database did not exist before 6.3

Vikas

manoj.kv · ‎06-02-2006

Hi,

Please see this link,

http://www.cisco.com/en/US/products/sw/secursw/ps2308/products_configuration_example09186a0080094680.shtml

hope this helps

Manoj