01-13-2012 10:50 PM - edited 03-11-2019 03:14 PM
Hi,
I would like to create a additional user vpn on a 55010 where the user authenticates with the firewall and not the radius server.
This user should NOT be able to log on to the firewall, but only be able to authenticates with the vpn client.
I'm correct that the command "username abc123 password abc234 privilege 0" ?
Also for this remote vpn how to I make sure the user only authencates with this password?
Thanks
Solved! Go to Solution.
01-14-2012 01:14 AM
Hi John,
You can do it by modifying the username attributes- Here is the example.
hostname(config)# username anyuser attributes
hostname(config-username)# group-lock {value tunnel-grp-name | none}
To remove-
hostname(config-username)# no group-lock
Thanks
Ajay
01-13-2012 11:07 PM
Hello John,
That is correct, with the privilege 0 you will restrict that username to only access via remote access.
each user can has their own and unique password.
Rate posts that helps.
Julio
01-14-2012 12:59 AM
Thanks,
In the group policy of the CLI, how can I only allow this username to authenticate with this group policy (tunnel group).
01-14-2012 01:14 AM
Hi John,
You can do it by modifying the username attributes- Here is the example.
hostname(config)# username anyuser attributes
hostname(config-username)# group-lock {value tunnel-grp-name | none}
To remove-
hostname(config-username)# no group-lock
Thanks
Ajay
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide