Just one question to better understand what I'm going to do.
among several commands to give the router to permit a VPNClient to authenticate itself I must give the following statements
aaa authentication login userauthen local aaa authorization network groupauthor local
The first one means that for the list userauthen the router must look inside local database. If the last option were "group" I could specify a RADIUS server. Seen what the router must authorize (isakmp parameters) I would ask you if I can store isakmp parameters on a RADIUS server.