Radius requests from FTD over L2L tunnel

Hi,

I have an ISE RADIUS server on the other side of an L2L tunnel and I need to authenticate some RA VPN clients that are connecting to my local FTD 1010.

If I test from a RADIUS client on my network using a RADIUS test tool, I have no problem reaching the RADIUS server, so the issue seems to be when sending the requests from the FTD device.

I just saw a similar case, but with two ASAs, and the solution there was to add the command "management-access inside", but I am not sure how to add this command from FMC.

Here is the post about it on the ASA: https://community.cisco.com/t5/network-access-control/radius-over-sito-to-site-vpn/td-p/1995180

Anyone know how to get this to work?

Thanks

/Chess

1 ACCEPTED SOLUTION

@Chess Norris 

The source interface of the RADIUS requests needs to be defined in the crypto ACL as it would need to be routed over the VPN. That command can be added via flexconfig.


@Rob Ingram 

I added the management-access inside command in flexconfig and that solved it.

Thanks for your help.

/Chess
