RADIUS Authentication, PPTP users to be in differnet groups on a 3030?
Is it possible to use Radius for PPTP authentication have still have the user be in a PPTP group (not the base group)? I have about 30 groups and all are IPSEC and I have a need to allow a few PPTP users but I can't figure out how to put them in a group without either using internal user lists, or having them in the base group. Is there any way to do this using RADIUS as my authentication method? (ACS)
Also, second question, is it possible to have PPTP users authenticate with SecurID?
Re: RADIUS Authentication, PPTP users to be in differnet groups
This concept apllies to VPN 3000, Check if it the same for 3030. Define a group say for example finance on the internal database of the concentrator and attributes for this group are defined. In the General tab the group finance , make sure the Strip Realm attribute is checked. Users for this group will externally authenticated via a RADIUS server. The user specifies a string username@realm in our case username @finance (the @realm part identifies the group name to which PPTP user belongs). Concentrator just passes the username infmromation alone stripping of the group name. If the user is authenticated he is assinged the attriubtes.
BenefitsDocumentationPrerequisiteImage Download LinksLimitationsSupported PlatformsLicense RequirementsTopologyStep-By-Step ConfigurationConfigure Virtual ServiceActivate the virtual service and configure guest IPsConfiguring UTD (Service Plane)Configurin...
Login to the FXOS chassis manager.
Direct your browser to https://hostname/, and log-in using the user-name and password.
Go to Help > About and check the current version:
Check the current version availa...
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...