03-21-2002 04:14 AM - edited 02-21-2020 09:59 AM
Hi,
We have a site-to-site VPN tunnel created between two sites using two PIX's running version 6.1(1) software.
We want the users from the remote network to be authenticated using RADIUS / TACACS+ server before they can access the network (for any IP traffic, not just http, ftp or telnet).
Any ideas?
03-28-2002 07:05 AM
http://www.cisco.com/warp/public/110/pixcryaaa52.shtml will show you how to setup xauth.
03-28-2002 09:24 AM
I was referring to User Authentication in site-to-site VPN scenario and not in Remote Access VPN scenario.
04-02-2002 06:54 AM
The PIX can only proxy authenticate for HTTP, telnet or ftp. Youll have to use that (or virtual HTTP) to have your user authenticate against and then, once authenticated, any additional conduits will open for that user. Use aaa authentication inbound/outbound ANY but have the user authenticate against one of the supported authentication protocols.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide