I am trying to set up an ASA 5510 for RADIUS authentication using MS IAS RADIUS for both administration of the ASA and for VPN access. Both work however it doesn't differentiate between the groups. If a user is a member of the VPN group, they can get access to telnet/enable as well since it just matches the first group it finds.
Is there a parameter I can specify for using RADIUS for administrative login vs VPN other than just windows group matching?
TIA,
Eric
I've been playing with IAS for a while, and have always wanted to know the same thing. I know TACACS+ servers can do this, and I think there are attributes in RADIUS that can do this, but I've yet to figure it out.
Brian
snipped-for-privacy@gmail.com wrote:
Does anyone know the answer for this?
Know the answer for what? You have snipped the entire content of the message.
My apologies. I guess every> I am trying to set up an ASA 5510 for RADIUS authentication using MS
Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.