cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

347
Views
0
Helpful
2
Replies
hanguye3
Cisco Employee

Cisco NGFW VPN | Radius Authen

Hi team,

I am supporting our customer on the VPN configuration. They have 02 site DC and DR, each site has 02 boxes ASA-5525 running HA mode and 02 RSA Radius Servers in HA mode for authentication.

The question is when using the  RA-VPN, can we configure the same priority on the ASAs for both RSA servers at each site, so that the VPN session will be loaded balance between sites or the priority has to be different so that the VPN session will be forwarded to the site which has higher priority.

Highly appreciate for any quick response.

Thanks in advance.

Br,

hainm

2 REPLIES 2
Divya Nair
Cisco Employee

hi Hainm,

On the ASA, you will have to configure the higher priority RSA server first in the AAA server group. The second (lower priority) server will only be used when the first RSA server does not respond to authentication requests.

HTH,

Divya

Many thanks bro.

Best regards,

.:|:.:|:. Hai Nguyen

Systems Engineer | Cisco Systems Vietnam

Desk: +84 24 3974 6248 | Mobile: +84 904 373 746 | hanguye3@cisco.com<mailto:hanguye3@cisco.com>

Content for Community-Ad