Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

Vpn access on ASA using radius or ACS

Hi

Can anyone tell me if just using my firewall with only local authentication I can create policies such as dynamic acl's that i can only allow certain vpn clients to see certain ip addresses, OR do I need an ACS server for this ?

and can I do the same using Windows radius ?

1 REPLY

Re: Vpn access on ASA using radius or ACS

You can do it with either solution you choose, with Radius either ACS or IAS will work as long as the proper attribute is chosen, downladable ACLs are easier to configure on ACS but you can define VSAs on the IAS to define these.

On the ASA you can define this locally by creating VPN filters and applying these filters to a group policy, then based on the user attributes (locally on the ASA) you can assign users to specific group policies where the filters are defined. HTH

417
Views
4
Helpful
1
Replies
CreatePlease to create content