cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

This community is for technical, feature, configuration and deployment questions.
For production deployment issues, please contact the TAC! We will not comment or assist with your TAC case in these forums.
Please see How to Ask the Community for Help for other best practices.

148
Views
0
Helpful
3
Replies
Frank Hohenadel
Beginner

VPN AAA for specific radius users

Hi,

we are running a 2911 router with radius authentication for SSL as well as for VPN access. Is there a possibility to grant only specific users (out of the radius DB) access to the server ? 

Thanks, Frank 

3 REPLIES 3
nspasov
Cisco Employee

Hi Frank. A couple of questions:

- What are you using for Radius server

- Confirm with me that I have your requirements understood: You are trying to restrict certain users, located in the Radius database from accessing some server on your network?

 

Thank you for rating helpful posts! 

Hi Neno,

the radius server is located within an Synology NAS (as Synology packet). The NAS itself is located inside the network.

My requirement is to limit the SSL VPN access to certain users located in the radius database.

Thanks, Frank

Ah ok, so that will be configuration change inside your Radius server. I personally have never worked with Synology based Radius before but have done this with Cisco ACS, ISE and Microsoft NPS. In all three of those I was able to create a policy where only users located in "X" identity group were allowed to VPN in. I know I am oversimplifying it but it really isn't that bad...I just can't give you an example since I haven't worked with your type of Radius before :)

Hope this helps!

 

Thank you for rating helpful posts! 

Create
Recognize Your Peers
Content for Community-Ad

ISE Webinars



Did you miss a previous ISE webinar?

CiscoISE YouTube Channel