VPN AAA for specific radius users

Frank Hohenadel · ‎11-17-2014

Hi,

we are running a 2911 router with radius authentication for SSL as well as for VPN access. Is there a possibility to grant only specific users (out of the radius DB) access to the server ?

Thanks, Frank

nspasov · ‎11-17-2014

Hi Frank. A couple of questions:

- What are you using for Radius server

- Confirm with me that I have your requirements understood: You are trying to restrict certain users, located in the Radius database from accessing some server on your network?

Thank you for rating helpful posts!

Frank Hohenadel · ‎11-18-2014

Hi Neno,

the radius server is located within an Synology NAS (as Synology packet). The NAS itself is located inside the network.

My requirement is to limit the SSL VPN access to certain users located in the radius database.

Thanks, Frank

nspasov · ‎11-18-2014

Ah ok, so that will be configuration change inside your Radius server. I personally have never worked with Synology based Radius before but have done this with Cisco ACS, ISE and Microsoft NPS. In all three of those I was able to create a policy where only users located in "X" identity group were allowed to VPN in. I know I am oversimplifying it but it really isn't that bad...I just can't give you an example since I haven't worked with your type of Radius before :)

Hope this helps!

Thank you for rating helpful posts!