Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
276
Views
0
Helpful
2
Replies

PIX VPNGROUP - Many users per group

tckoon
Level 1
Level 1

‎12-01-2003 12:32 AM - edited ‎02-20-2020 11:07 PM

Hi,

When configure PIX to VPN client 3.x , we use the command vpngroup.

How about if I have 20 VPN client users, does it mean I need to create 20 vpngroup XX profile ?

Can we have multiple users in one group and assign individual user with unique username/password ?

Just like the vpndn command for PPTP.

Thanks

0 Helpful
2 Replies 2

gfullage
Cisco Employee
Cisco Employee

‎12-01-2003 04:48 PM

You can certainly have more than one user per group. All you need to do is the following:

vpngroup address-pool ippool

vpngroup dns-server 10.1.1.2

vpngroup wins-server 10.1.1.2

vpngroup default-domain hp.com

vpngroup password

Then define the group in all your users VPn client connection profiles. To set up authentication locally on teh PIX, just add the following:

crypto map client authentication LOCAL

username password

You can have as many username/password combinations as you like.

The only thing you can't do is have one group use local authentication and another group use say, TACACS or Radius authentication, every group has to use the same authentication mechanism, but as I said, you can have one group or multiple groups, it's up to you.

0 Helpful

tckoon
Level 1
Level 1
In response to gfullage

‎12-01-2003 07:14 PM

Thanks a lot !

Best Regards.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card