topic AAA local user management VPN. in Network Access Control https://community.cisco.com/t5/network-access-control/aaa-local-user-management-vpn/m-p/2027420#M158072 <P>Hi</P><P></P><P>I'm a bit new to Cisco and i find this AAA a bit confusing...</P><P>I've turend on AAA by:</P><P>aaa new-model</P><P></P><P>and it created me:</P><P></P><P>aaa authentication login default local</P><P></P><P>Can I use this "<SPAN style="font-family: courier new,courier;">default</SPAN>" list for WebVPN ? And what would be a different if i create new "<SPAN style="font-family: courier new,courier;">sslvpn</SPAN>" list...</P><P>Also when I'll be creating user for VPN remote access.. that user will also exist in local database and have access to router via SSH?</P><P>Because the research I've done it doesn't seem you can group users in different "aaa groups" e.g. user admin belongs under "<SPAN style="font-family: courier new,courier;">admin</SPAN>" aaa group which can do ssh to router, users for VPN can only do remote VPN access and not SSH and login into router...</P><P></P><P>i saw ASA has some attribute for users called remote-user</P><P></P><P> •<IMG border="0" height="2" src="http://www.cisco.com/en/US/i/templates/blank.gif" width="19" /><STRONG>admin</STRONG>, in which users are allowed access to the configuration mode. This option also allows a user to connect via remote access. </P><P></P><P> <A name="wp1162031" target="_blank"></A></P><P> •<IMG border="0" height="2" src="http://www.cisco.com/en/US/i/templates/blank.gif" width="19" /><STRONG>nas-prompt</STRONG>, in which users are allowed access to the EXEC mode. </P><P></P><P> <A name="wp1162032" target="_blank"></A></P><P> •<IMG border="0" height="2" src="http://www.cisco.com/en/US/i/templates/blank.gif" width="19" /><STRONG>remote-access</STRONG>, in which users are allowed access to the network. </P><P></P><P></P><P>But i can't find this option in IOS on my 1900 Series ISR router.</P> Mon, 11 Mar 2019 02:38:23 GMT ilukeberry 2019-03-11T02:38:23Z AAA local user management VPN. https://community.cisco.com/t5/network-access-control/aaa-local-user-management-vpn/m-p/2027420#M158072 <P>Hi</P><P></P><P>I'm a bit new to Cisco and i find this AAA a bit confusing...</P><P>I've turend on AAA by:</P><P>aaa new-model</P><P></P><P>and it created me:</P><P></P><P>aaa authentication login default local</P><P></P><P>Can I use this "<SPAN style="font-family: courier new,courier;">default</SPAN>" list for WebVPN ? And what would be a different if i create new "<SPAN style="font-family: courier new,courier;">sslvpn</SPAN>" list...</P><P>Also when I'll be creating user for VPN remote access.. that user will also exist in local database and have access to router via SSH?</P><P>Because the research I've done it doesn't seem you can group users in different "aaa groups" e.g. user admin belongs under "<SPAN style="font-family: courier new,courier;">admin</SPAN>" aaa group which can do ssh to router, users for VPN can only do remote VPN access and not SSH and login into router...</P><P></P><P>i saw ASA has some attribute for users called remote-user</P><P></P><P> •<IMG border="0" height="2" src="http://www.cisco.com/en/US/i/templates/blank.gif" width="19" /><STRONG>admin</STRONG>, in which users are allowed access to the configuration mode. This option also allows a user to connect via remote access. </P><P></P><P> <A name="wp1162031" target="_blank"></A></P><P> •<IMG border="0" height="2" src="http://www.cisco.com/en/US/i/templates/blank.gif" width="19" /><STRONG>nas-prompt</STRONG>, in which users are allowed access to the EXEC mode. </P><P></P><P> <A name="wp1162032" target="_blank"></A></P><P> •<IMG border="0" height="2" src="http://www.cisco.com/en/US/i/templates/blank.gif" width="19" /><STRONG>remote-access</STRONG>, in which users are allowed access to the network. </P><P></P><P></P><P>But i can't find this option in IOS on my 1900 Series ISR router.</P> Mon, 11 Mar 2019 02:38:23 GMT https://community.cisco.com/t5/network-access-control/aaa-local-user-management-vpn/m-p/2027420#M158072 ilukeberry 2019-03-11T02:38:23Z AAA local user management VPN. https://community.cisco.com/t5/network-access-control/aaa-local-user-management-vpn/m-p/2027421#M158103 <HTML><HEAD></HEAD><BODY><P>Luka,</P><P></P><P>The ASA and the IOS webvpn is a little different here is a guide that will point you in the right direction:</P><P></P><P><A class="jive-link-external-small" href="http://www.cisco.com/en/US/docs/ios-xml/ios/sec_conn_sslvpn/configuration/15-2mt/sec-conn-sslvpn-ssl-vpn.html#GUID-8A423FE8-F5CD-438D-9FE5-DE6E2E05F813">http://www.cisco.com/en/US/docs/ios-xml/ios/sec_conn_sslvpn/configuration/15-2mt/sec-conn-sslvpn-ssl-vpn.html#GUID-8A423FE8-F5CD-438D-9FE5-DE6E2E05F813</A></P><P></P><P>Thanks,</P><P></P><P></P><P>Tarik Admani <BR />*Please rate helpful posts*</P></BODY></HTML> Sat, 06 Oct 2012 05:55:37 GMT https://community.cisco.com/t5/network-access-control/aaa-local-user-management-vpn/m-p/2027421#M158103 Tarik Admani 2012-10-06T05:55:37Z