Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1502
Views
0
Helpful
1
Replies

Site-to-site vpn user authentication

daniel.kline
Level 1
Level 1

‎12-09-2003 01:38 PM - edited ‎03-10-2019 07:35 AM

I have perused the networking forum looking for information on authenticating users traversing a PIX-PIX vpn tunnel. I have seen several threads discussing remote IPSec client authentication using RADIUS/ACS/RSA servers, but have not found much, if any, information on site-to-site vpn's.

Can users traversing a site-to-site (PIX-PIX) vpn tunnel be authenticated against either a local (PIX)database or an internal RADIUS server?

Further to that, are the (site-to-site or remote) users challenged for each service (Mail, FTP, Telnet, HTTP, etc) that they try to access? Or can they be authenticated once and then permitted access to all services? Can other services be challenged as well?

Any info or URL's would be greatly appreciated.

Thank You,

Dan

Labels:
0 Helpful
1 Reply 1

owillins
Level 6
Level 6

‎12-15-2003 11:02 AM

You may want to use aaa authentication using TACACS/RADIUS servers to authenticate users. However, site-to-site VPNs generally do not deploy user authentication methods. Here is a document describing configuring authentication on the PIX and another one on the site to site vpns. Hope they are of help.

http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_tech_note09186a0080094ea9.shtml

http://www.cisco.com/warp/public/779/largeent/avvid/vpn_srnd.pdf

0 Helpful
Customers Also Viewed These Support Documents