https://community.cisco.com/t5/network-security/securing-pix-remote-users/m-p/875056#M494396 <P>I am running a PIX 515 with IOS 7.1.2</P><P></P><P>Right now we use the group-authentication to authenticate remote cisco clients when VPNing into our PIX but have no control when a user leaves the company to deny him VPNing in unless we change the group password and then have to change every clients software to reflect the new password.</P><P></P><P>Can anyone point me to documentation on how to better secure this. We use Windows 2003 AD and I would like a way to configure a AD group that the PIX would look at to verify that it is a legitatimate user connecting.</P><P></P><P>I thought I also read about setting up a RADIUS server and using that but I have never worked with a RADIUS server. Can I just load one on a Windows 2003 server?</P><P></P><P>What would I need to do on the PIX side to get this running?</P><P></P><P>Thanks.</P> Fri, 21 Feb 2020 09:50:59 GMT boschrexroth 2020-02-21T09:50:59Z https://community.cisco.com/t5/network-security/securing-pix-remote-users/m-p/875056#M494396 <P>I am running a PIX 515 with IOS 7.1.2</P><P></P><P>Right now we use the group-authentication to authenticate remote cisco clients when VPNing into our PIX but have no control when a user leaves the company to deny him VPNing in unless we change the group password and then have to change every clients software to reflect the new password.</P><P></P><P>Can anyone point me to documentation on how to better secure this. We use Windows 2003 AD and I would like a way to configure a AD group that the PIX would look at to verify that it is a legitatimate user connecting.</P><P></P><P>I thought I also read about setting up a RADIUS server and using that but I have never worked with a RADIUS server. Can I just load one on a Windows 2003 server?</P><P></P><P>What would I need to do on the PIX side to get this running?</P><P></P><P>Thanks.</P> Fri, 21 Feb 2020 09:50:59 GMT https://community.cisco.com/t5/network-security/securing-pix-remote-users/m-p/875056#M494396 boschrexroth 2020-02-21T09:50:59Z https://community.cisco.com/t5/network-security/securing-pix-remote-users/m-p/875057#M494399 <HTML><HEAD></HEAD><BODY><P>Install Microsoft IAS (Internet Authentication Service) on your 2003 server.</P><P></P><P><A class="jive-link-custom" href="http://technet2.microsoft.com/windowsserver/en/library/9a2a064f-a298-4026-8dfd-3d97c183f6761033.mspx?mfr=true" target="_blank">http://technet2.microsoft.com/windowsserver/en/library/9a2a064f-a298-4026-8dfd-3d97c183f6761033.mspx?mfr=true</A></P><P></P><P>This next doc explains how to set up the pix and the server.</P><P></P><P><A class="jive-link-custom" href="http://cisco.com/en/US/products/hw/vpndevc/ps2030/products_configuration_example09186a00806de37e.shtml" target="_blank">http://cisco.com/en/US/products/hw/vpndevc/ps2030/products_configuration_example09186a00806de37e.shtml</A></P></BODY></HTML> Thu, 03 Jan 2008 16:09:50 GMT https://community.cisco.com/t5/network-security/securing-pix-remote-users/m-p/875057#M494399 acomiskey 2008-01-03T16:09:50Z