I am trying to set up an ASA 5510 for RADIUS authentication using MS IAS RADIUS for both administration of the ASA and for VPN access. Both work however it doesn't differentiate between the groups. If a user is a member of the VPN group, they can get access to telnet/enable as well since it just matches the first group it finds.
Is there a parameter I can specify for using RADIUS for administrative login vs VPN other than just windows group matching?
TIA,
Eric