Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

Bronze

RA VPN with ASA, AAA, and Radius

Hi there,

Is there a way to configure separate AAA groups using Radius for VPN authentication vs device authentication? I currently have my ASA configured with AAA using Radius, and I have no problems with that functionality. I'm using IAS/NPS on Windows Server, and I've created an AD security group to permission users who should be able to login to the device for administrative purposes. I want to be able to use a seperate AD security group for VPN users though. Is this possible?

Thanks in advance,

--Brandon

1 REPLY

Re: RA VPN with ASA, AAA, and Radius

Brandon,

I think I understand your question and requirements, but please correct me if Im wrong.

I believe your requirements resambles ASA feature intruduce in 8.0 code called Dynamic access Policies , in short (DAP).

Have a complete look at this feature, but I believe this could be one solution for what u need to accompish.

http://www.cisco.com/en/US/products/ps6120/products_white_paper09186a00809fcf38.shtml

Regards

128
Views
0
Helpful
1
Replies