Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
600
Views
0
Helpful
2
Replies

VPN authentication & Authorization.

bicky1976
Level 1
Level 1

‎10-01-2013 03:27 AM

                   How much ...... it is usable with authentication and authorization with ACS having TACACS+ Server. SSL is worse in this case.....?

Is ACS having such support with TACACS+ for VPN policy assigements....?

Labels:
0 Helpful
2 Replies 2

Marcin Latosiewicz
Cisco Employee
Cisco Employee

‎10-01-2013 04:32 AM

http://www.cisco.com/en/US/docs/security/asa/asa90/configuration/guide/aaa_servers.html#wp1052971

tacacs is not supported for authorization of VPN users.

0 Helpful

Jatin Katyal
Cisco Employee
Cisco Employee

‎10-02-2013 03:14 AM

Hi Bikram,

That's right. Tacacs wouldn't help you with authorization for vpn users. Since you'd like to assign group-policy based on user's group/identity. This can only be possible with RADIUS or LDAP. SInce you'd like to configure this with ACS so the first link would work for you.

Configure ACS to Assign a Group Policy at Login using RADIUS

http://www.cisco.com/en/US/products/sw/secursw/ps2086/products_configuration_example09186a00808cf897.shtml

PIX/ASA 8.0: Use LDAP Authentication to Assign a Group Policy at Login

http://www.cisco.com/en/US/products/ps6120/products_configuration_example09186a00808d1a7c.shtml

Please feel free to let us know if you need some additional configuration.

~BR
Jatin Katyal

**Do rate helpful posts**

~Jatin
0 Helpful
Customers Also Viewed These Support Documents