topic ASA with RADIUS via AZURE VPN in VPN https://community.cisco.com/t5/vpn/asa-with-radius-via-azure-vpn/m-p/4276946#M276765 <P>Hello,</P><P>I'm trying to configure ASA 5515-X as authenticator for VPN RA connections. ASA device + switches are on-prem.&nbsp;</P><P>DC and RADIUS are on Windows Server 2016 installled as VM in Azure.</P><P>&nbsp;</P><P>I have working 'Route based' site-to-site VPN tunnel with Azure (VTI interface). I can reach this VM on Azure (ping, rdp, etc..).&nbsp;</P><P>&nbsp;</P><P>My problem is that i can't set up AAA Server on ASA. In Radius configuration window, there is no option to choose VTI interface.</P><P>I found similar topic here: <A href="https://community.cisco.com/t5/vpn/radius-via-azure-vpn/m-p/3803634" target="_blank">https://community.cisco.com/t5/vpn/radius-via-azure-vpn/m-p/3803634</A></P><P>,but in my scenario i don't have public IP assigned to Radius server. I'm trying to set Radius with 'Outside' interface and local IP of Radius on Azure.&nbsp;</P><P>&nbsp;</P><P>I have static route to network with WinServer VM.</P><P>I’ve added command: <EM><STRONG>management-access outside ,</STRONG> </EM>but this won't help - in ASDM, ASA says that management interface can't be with lowest security level. In config i have line with <EM><STRONG>management-access outside,&nbsp;</STRONG></EM>so ASA accept it.</P><P>Radius has configured 'ASA client' with my public (IP of 'Outside' interface).</P><P>&nbsp;</P><P>I know from other topic, that this connection is possible but i'm running out of ideas.</P><P>Can anybody help me?</P><P>&nbsp;</P><P>Kind Regards,</P><P>Damian</P> Thu, 21 Jan 2021 18:02:29 GMT DamianKolodziej03650 2021-01-21T18:02:29Z ASA with RADIUS via AZURE VPN https://community.cisco.com/t5/vpn/asa-with-radius-via-azure-vpn/m-p/4276946#M276765 <P>Hello,</P><P>I'm trying to configure ASA 5515-X as authenticator for VPN RA connections. ASA device + switches are on-prem.&nbsp;</P><P>DC and RADIUS are on Windows Server 2016 installled as VM in Azure.</P><P>&nbsp;</P><P>I have working 'Route based' site-to-site VPN tunnel with Azure (VTI interface). I can reach this VM on Azure (ping, rdp, etc..).&nbsp;</P><P>&nbsp;</P><P>My problem is that i can't set up AAA Server on ASA. In Radius configuration window, there is no option to choose VTI interface.</P><P>I found similar topic here: <A href="https://community.cisco.com/t5/vpn/radius-via-azure-vpn/m-p/3803634" target="_blank">https://community.cisco.com/t5/vpn/radius-via-azure-vpn/m-p/3803634</A></P><P>,but in my scenario i don't have public IP assigned to Radius server. I'm trying to set Radius with 'Outside' interface and local IP of Radius on Azure.&nbsp;</P><P>&nbsp;</P><P>I have static route to network with WinServer VM.</P><P>I’ve added command: <EM><STRONG>management-access outside ,</STRONG> </EM>but this won't help - in ASDM, ASA says that management interface can't be with lowest security level. In config i have line with <EM><STRONG>management-access outside,&nbsp;</STRONG></EM>so ASA accept it.</P><P>Radius has configured 'ASA client' with my public (IP of 'Outside' interface).</P><P>&nbsp;</P><P>I know from other topic, that this connection is possible but i'm running out of ideas.</P><P>Can anybody help me?</P><P>&nbsp;</P><P>Kind Regards,</P><P>Damian</P> Thu, 21 Jan 2021 18:02:29 GMT https://community.cisco.com/t5/vpn/asa-with-radius-via-azure-vpn/m-p/4276946#M276765 DamianKolodziej03650 2021-01-21T18:02:29Z