This Question is Answered 1 Helpful Answer available (2 pts)
7763 Views 7 Replies Latest reply: Dec 22, 2009 7:28 AM by Oscar RSS

Remote Access VPN with AAA

Dec 9, 2009 11:20 PM

greensheep 11 posts since
Nov 13, 2009

Hi,

I found a problem when using remote access VPN with AAA authorization by a TACACS server, but authentication with TACACS is OK.

The RA VPN runs normally with the following settings, authenticating by TACACS but authorizing by the local database.

There is the same copy of the username and password on local and ACS.

......
aaa authentication login userlist group tacacs+ local
aaa authorization network grouplist local
crypto map EZVPN client authentication list userlist
crypto map EZVPN isakmp authorization list grouplist
......

But if I change the authorization method to TACACS (aaa authorization network grouplist group tacacs+ local), the VPN client cannot establish with the remote peer.

Is there any setting that should be done on ACS in order to authorize with the ACS server?

Thanks
