Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results forĀ 
Search instead forĀ 
Did you mean:Ā 
cancel
Start a conversation
516
Views
0
Helpful
2
Replies

Cisco NGFW VPN | Radius Authen

hanguye3
Cisco Employee
Cisco Employee

ā€Ž07-08-2018 11:18 PM

Hi team,

I am supporting our customer on the VPN configuration. They have 02 site DC and DR, each site has 02 boxes ASA-5525 running HA mode and 02 RSA Radius Servers in HA mode for authentication.

The question is when using the  RA-VPN, can we configure the same priority on the ASAs for both RSA servers at each site, so that the VPN session will be loaded balance between sites or the priority has to be different so that the VPN session will be forwarded to the site which has higher priority.

Highly appreciate for any quick response.

Thanks in advance.

Br,

hainm

Labels:
0 Helpful
2 Replies 2

Divya Nair
Cisco Employee
Cisco Employee

ā€Ž07-09-2018 05:38 AM

hi Hainm,

On the ASA, you will have to configure the higher priority RSA server first in the AAA server group. The second (lower priority) server will only be used when the first RSA server does not respond to authentication requests.

HTH,

Divya

0 Helpful

hanguye3
Cisco Employee
Cisco Employee
In response to Divya Nair

ā€Ž07-09-2018 08:18 AM

Many thanks bro.

Best regards,

.:|:.:|:. Hai Nguyen

Systems Engineer | Cisco Systems Vietnam

Desk: +84 24 3974 6248 | Mobile: +84 904 373 746 | hanguye3@cisco.com<mailto:hanguye3@cisco.com>

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card