cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

Community Helping Community

208
Views
0
Helpful
1
Replies
Beginner

VPN Authentication issue

We are using Anyconnect version 4.7 on an ASA5515x. We have about 60 users setup with Local Accounts on the ASA for authentication. This is becoming a headache when we want to force a change of passwords for the users. I know the local user database method does not have the option to let users manage their own passwords. I really want to keep the VPN accounts separate from the internal AD accounts. What would be a good option for allowing the users to manage their own passwords while keeping the VPN accounts and internal AD accounts separate. RADIUS looks like the option to get this done but I have no experience with it. Can anyone offer some guidance?

Thanks

1 REPLY 1
Rising star

Re: VPN Authentication issue

Radius is one valid option. Do you have ISE in your environment? What is the motivation to keep AD users separate from VPN user accounts? Anyways if using radius you will want to configure your VPN connection profile/s for AAA. If you desire to use certs & AAA this is an option too. In that scenario you would perform cert auth at the ASA and username/pass against your AAA server (radius), which could be local radius accounts or mapped to AD.
CreatePlease to create content
Content for Community-Ad
FusionCharts will render here