Velocity Reviews

Velocity Reviews (
-   Hardware (
-   -   VPN Access Using Local and Radius (

chris10e 09-19-2009 05:09 AM

VPN Access Using Local and Radius

Do you have any idea how to authenticate VPN users using both local and radius? I can login using radius but not with local. If I tried to remove authentication-server-group MY_VPN at tunnel group, i can login locally but not radius.

here is my present configuration below for ASA7.2.

aaa-server RADIUS_IAS protocol radius
aaa-server RADIUS_IAS host 10.y.y.y
key *

group-policy MY_VPN internal
group-policy MY_VPN attributes
dns-server value 10.x.x.x
vpn-tunnel-protocol IPSec
group-lock value VPN_CONNECTION
split-tunnel-policy tunnelspecified
split-tunnel-network-list value RADIUS_IAS
default-domain value
split-dns value

tunnel-group VPN_CONNECTION type ipsec-ra
tunnel-group VPN_CONNECTION general-attributes
address-pool IP_POOL
authentication-server-group MY_VPN
default-group-policy MY_VPN
tunnel-group VPN_CONNECTION ipsec-attributes
pre-shared-key *
isakmp keepalive threshold 90

your help is highly appreciated.

I tried "authentication-server-group <aaa-server-group name> LOCAL" but still can't make it work.

All times are GMT. The time now is 09:46 AM.

Powered by vBulletin®. Copyright ©2000 - 2014, vBulletin Solutions, Inc.
SEO by vBSEO ©2010, Crawlability, Inc.