In the window that appears, specify a name for the new AAA Server group and choose RADIUS as the protocol. Click OK when finished.
Be sure that your new group is selected in the top pane and click Add to the right of the lower pane.
Provide the server information:
Interface Name—the interface that the ASA must use to reach the radius server
Server Name or IP address—the address that the ASA must use to reach the radius server
Server Secret Key—the shared secret key configured for the ASA on the radius server
Example AAA Server Configuration on the ASA
Once you have configured the AAA server group and server, navigate to Configuration > Remote Access VPN > Clientless SSL VPN Access > Connection Profiles in order to configure WebVPN to use the new AAA configuration.
Note: Even though this example uses WebVPN, you can set any remote access connection profile (tunnel group) to use this AAA setup.
Choose the profile for which you want to configure AAA, and click Edit.
Under Authentication choose the RADIUS server group that you created earlier. Click OK when finished.
Command Line Interface
Complete these steps in the command line interface (CLI) in order to configure the ASA to communicate with the ACS server and authenticate WebVPN clients.
Use this section in order to confirm that your configuration works properly.
Test with ASDM
Verify your RADIUS configuration with the Test button on the AAA Server Groups configuration screen. Once you supply a username and password, this button allows you to send a test authentication request to the radius server.
Hi, Can someone help me understand the effect of implementing metric in the address family ipv4 rather than in a specific interface.Please see below config for reference. router isis 123is-type level-2-onlynet xx.xxxx.xxxx.xxxx.xxxx.xxnsf ietflo...
Hello!As a pandemic consequence most users are working remotely and they are connected by VPN remote access.Another consequence are the increasing number of tickets from users claim about quality of their VPN connections.Have anyone had already deploy som...
The purpose of this document is to demonstrate how ISE authenticate / authorize a user that uses a smart card (PIN + Certificate) and password mechanism to login their system. This document describes the components used for this setup, configuration of IS...
Hello,We have just upgraded FTD 2110 firewall to firmware version 6.6.1. Since the AC element count is 800k, FMC shows a warning message "the number of access list elements generated for the access control policy exceeds the limit for this platform", sugg...
So I have come to learn that AMP doesn't have features that I am accustom to. Is there a way, beside creating more policies, to apply an exclusion to a single system? I am needing to create a 5 separate exclusion for my backup software. The machine f...