Radius requests from FTD over L2L tunnel

Chess Norris
Level 4

Hi,

I have an ISE radius server on the other side of a L2L tunnel and I need to authenticate some RA VPN clients that are connecting to my local FTD 1010.

If I test from a radius client on my network using a radius test tool, I have no problem reaching the radius server, so the issue seems to be when sending the requests from the FTD device.

I just saw a similar case, but with two ASAs, and the solution there was to add the command "management-access inside", but I am not sure how to add this command from FMC.

Here is the post about it on the ASA https://community.cisco.com/t5/network-access-control/radius-over-sito-to-site-vpn/td-p/1995180  

Anyone know how to get this to work?

Thanks

/Chess

1 Accepted Solution

@Chess Norris 

The source interface of the RADIUS requests needs to be defined in the crypto ACL as it would need to be routed over the VPN. That command can be added via flexconfig.

@Rob Ingram 

I added the management-access inside command in flexconfig and that solved it.

Thanks for your help.

/Chess
